LOL!! That made my day! Thankyu... That is the BEST description, of 'adam' I could have watched... and, so true... i am actually in hysterics when i saw this. unfortunately, some people have to pick on the smallest things, (as i had said, i am in work, and, yes, am rushing things abit even now, however, I am going to keep that link and, remember to watch it eveytime an Adam comes along :) Thankyou Jeffrey :) xd / Dru
On 12 June 2011 10:49, Jeffrey Walton <[email protected]> wrote: > On Sat, Jun 11, 2011 at 8:45 PM, adam <[email protected]> wrote: > > Somehow, I seriously doubt that. > > The point is, broken English or not - this has to be the most laughable > PoC > > I've ever seen. He originally insists that this is a problem related to > (web > > based?) mail providers (which would lead anyone to believe is server > > related) and then turns around and begins referencing external libraries > > (that he can't even name?). > > Lastly, before diving face first into his ass - you should have probably > > performed a Google search. I'll give you a hint, he's not located in some > > third world country. > Too funny.... Location is distinct from native tongue. > http://www.collegehumor.com/video/5817726/internet-bridge-troll > > Jeff > > > On Sat, Jun 11, 2011 at 7:30 PM, Jeffrey Walton <[email protected]> > wrote: > >> > >> On Sat, Jun 11, 2011 at 8:13 PM, adam <[email protected]> wrote: > >> > When the English version becomes available, please let me know. > >> I'd bet secn3t's english is better than your speaking his native > >> tongue.... > >> > >> > On Sat, Jun 11, 2011 at 7:02 PM, -= Glowing Doom =- <[email protected] > > > >> > wrote: > >> >> > >> >> Systems wich appear vulnerable: EVERY single one i have tried... > >> >> > >> >> How: > >> >> > >> >> I wrote that sentecne, then, i backspaced it and blacked it over with > >> >> copy > >> >> , then, enter url to wherver i want... > >> >> There is 3 ways i have found todo this, when i dissected one of them, > >> >> the > >> >> URL/Sentence, was gfull of x41\x41\x41 , very strange... because it > is > >> >> still > >> >> able to be done 3 ways, and the simplest way does NOT require even > html > >> >> 'link' to section, wich is what MST be done, altho on older emailer > >> >> systems, > >> >> I see that it is simple as backspace over the sentence,then type the > >> >> url, it > >> >> a'appears' at first , to be a normal deleted sentence, but when I > open > >> >> and > >> >> dissect, it shows URL/41/41/41 then all over the email page, same > thing > >> >> ... > >> >> I know this might be confusing, I traced the problem to a dll or lib > >> >> wich > >> >> is for text editing , and that dll is a VERY common one on any > system, > >> >> sofar > >> >> not one mailing system, has NOT had this vuln... yet, i have seen > >> >> another > >> >> 'version' of this attack type, but, they can ONLY spoof a URL... This > >> >> one, > >> >> you can make the whole email, a url... i will do this right now.. > >> >> > >> >> [SNIP] > >> > >> _______________________________________________ > >> Full-Disclosure - We believe in it. > >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
