Yeah... pity I am awake at 6am... some of us actually work, and have to rush things... however, I will take more care next time, especially for you Adam :)

On 12 June 2011 10:13, adam <[email protected]> wrote:
> When the English version becomes available, please let me know.
>
> On Sat, Jun 11, 2011 at 7:02 PM, -= Glowing Doom =- <[email protected]> wrote:
>
>> Systems which appear vulnerable: EVERY single one I have tried...
>>
>> How:
>>
>> I wrote that sentence, then, I backspaced it and blacked it over with copy,
>> then, enter URL to wherever I want...
>> There are 3 ways I have found to do this, when I dissected one of them, the
>> URL/Sentence was full of x41\x41\x41, very strange... because it is still
>> able to be done 3 ways, and the simplest way does NOT require even html
>> 'link' to section, which is what MUST be done, although on older emailer systems,
>> I see that it is simple as backspace over the sentence, then type the URL, it
>> 'appears' at first, to be a normal deleted sentence, but when I open and
>> dissect, it shows URL/41/41/41 then all over the email page, same thing ...
>> I know this might be confusing, I traced the problem to a dll or lib which
>> is for text editing, and that dll is a VERY common one on any system, so far
>> not one mailing system has NOT had this vuln... yet, I have seen another
>> 'version' of this attack type, but, they can ONLY spoof a URL... This one,
>> you can make the whole email a URL... I will do this right now..
>>
>>
>> PoC1.
>> Ok, this is a PoC, this actual whole sentence...<http://www.lemonparty.biz>
>>
>>
>> PoC 2:
>>
>> I wrote that sentence, then, I backspaced it and blacked it over with copy,
>> then, enter URL to wherever I want... There are 3 ways I have found to do
>> this, when I dissected one of them, the URL/Sentence was full of
>> x41\x41\x41, very strange... because it is still able to be done 3 ways,
>> and the simplest way does NOT require even html 'link' to section, which is
>> what MUST be done, although on older emailer systems, I see that it is simple as
>> backspace over the sentence, then type the URL, it 'appears' at first, to
>> be a normal deleted sentence, but when I open and dissect, it shows
>> URL/41/41/41 then all over the email page, same thing ... I know this might
>> be confusing, I traced the problem to a dll or lib which is for text
>> editing<http://www.goggle.com>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
