wow... you visit sduch GREAT websites :) hehe... i think you have said enough for yourself...
On 12 June 2011 11:02, adam <[email protected]> wrote: > I guess we're right back to being idiotic. > > Either way, Christian, you may want to be careful. When this guy isn't busy > releasing ground-breaking, never-before-seen full disclosures, he's hacking > people off the internet: > > http://ryan1918.com/viewtopic.php?f=2&t=1946 > > > On Sat, Jun 11, 2011 at 7:57 PM, -= Glowing Doom =- <[email protected]>wrote: > >> LOL!! >> That made my day! >> >> Thankyu... That is the BEST description, of 'adam' I could have watched... >> and, so true... i am actually in hysterics when i saw this. >> unfortunately, some people have to pick on the smallest things, (as i had >> said, i am in work, and, yes, am rushing things abit even now, however, I am >> going to keep that link and, remember to watch it eveytime an Adam comes >> along :) >> Thankyou Jeffrey :) >> xd / Dru >> >> >> >> >> On 12 June 2011 10:49, Jeffrey Walton <[email protected]> wrote: >> >>> On Sat, Jun 11, 2011 at 8:45 PM, adam <[email protected]> wrote: >>> > Somehow, I seriously doubt that. >>> > The point is, broken English or not - this has to be the most laughable >>> PoC >>> > I've ever seen. He originally insists that this is a problem related to >>> (web >>> > based?) mail providers (which would lead anyone to believe is server >>> > related) and then turns around and begins referencing external >>> libraries >>> > (that he can't even name?). >>> > Lastly, before diving face first into his ass - you should have >>> probably >>> > performed a Google search. I'll give you a hint, he's not located in >>> some >>> > third world country. >>> Too funny.... Location is distinct from native tongue. >>> http://www.collegehumor.com/video/5817726/internet-bridge-troll >>> >>> Jeff >>> >>> > On Sat, Jun 11, 2011 at 7:30 PM, Jeffrey Walton <[email protected]> >>> wrote: >>> >> >>> >> On Sat, Jun 11, 2011 at 8:13 PM, adam <[email protected]> wrote: >>> >> > When the English version becomes available, please let me know. >>> >> I'd bet secn3t's english is better than your speaking his native >>> >> tongue.... >>> >> >>> >> > On Sat, Jun 11, 2011 at 7:02 PM, -= Glowing Doom =- < >>> [email protected]> >>> >> > wrote: >>> >> >> >>> >> >> Systems wich appear vulnerable: EVERY single one i have tried... >>> >> >> >>> >> >> How: >>> >> >> >>> >> >> I wrote that sentecne, then, i backspaced it and blacked it over >>> with >>> >> >> copy >>> >> >> , then, enter url to wherver i want... >>> >> >> There is 3 ways i have found todo this, when i dissected one of >>> them, >>> >> >> the >>> >> >> URL/Sentence, was gfull of x41\x41\x41 , very strange... because it >>> is >>> >> >> still >>> >> >> able to be done 3 ways, and the simplest way does NOT require even >>> html >>> >> >> 'link' to section, wich is what MST be done, altho on older emailer >>> >> >> systems, >>> >> >> I see that it is simple as backspace over the sentence,then type >>> the >>> >> >> url, it >>> >> >> a'appears' at first , to be a normal deleted sentence, but when I >>> open >>> >> >> and >>> >> >> dissect, it shows URL/41/41/41 then all over the email page, same >>> thing >>> >> >> ... >>> >> >> I know this might be confusing, I traced the problem to a dll or >>> lib >>> >> >> wich >>> >> >> is for text editing , and that dll is a VERY common one on any >>> system, >>> >> >> sofar >>> >> >> not one mailing system, has NOT had this vuln... yet, i have seen >>> >> >> another >>> >> >> 'version' of this attack type, but, they can ONLY spoof a URL... >>> This >>> >> >> one, >>> >> >> you can make the whole email, a url... i will do this right now.. >>> >> >> >>> >> >> [SNIP] >>> >> >>> >> _______________________________________________ >>> >> Full-Disclosure - We believe in it. >>> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> >> Hosted and sponsored by Secunia - http://secunia.com/ >>> > >>> > >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >> >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
