YEP! When ya do it right, dang right it is! I did never reproduce the EXACT ethod wich made the x41's happen... but, i dun really care for that bug, or you call it a feature..well, i dont know feratures wich have x41's al;l over the emails when made in a special way... so, it was low-level to :) anyhow, no, i wont bother to recreate the email body, without using any 'features' of googles, for you. It is possible to exploit rich text editor, i have said.. the dll itself.. so maybe go investigate and stfu :) now back to the backdoor.
On 10 October 2011 11:23, adam <[email protected]> wrote: > Yeah guys, XSS is nonsense. Exploiting anchor text is where it's at, right > secn3t? > > http://seclists.org/fulldisclosure/2011/Jun/215 > > On Sun, Oct 9, 2011 at 7:10 PM, xD 0x41 <[email protected]> wrote: > >> No, i have been through these, and only an idiot would fall for any of >> these attacks... Persistent XSS maybe harder, but, forget the rest :) >> Im to old for that. >> Never been a victim yet, in *any* way, and, certainly, those bugs wont be >> starting a trend.. >> cheer. >> xd >> >> >> >> On 10 October 2011 10:27, <[email protected]> wrote: >> >>> On Mon, 10 Oct 2011 09:36:17 +1100, xD 0x41 said: >>> >>> > No,... and am happy not to know :-) , like XSS , i do not waste time >>> with >>> > ninoritiy bugs such as 'clickjacking' and these new such terms wich are >>> > total BS. >>> >>> It's all total BS till you discover you're a victim of the attack. >>> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
