> buddy<iframe src="http://www.malware.com/pithy.html";> so could this url be considered a "phishing scam" ? regardless of your implied intent? It does pretend to be a genuine login, and i am sure you are collecting successfull attempts to a log ( right? ). Has your "demo" oversteped the bounds of "security research" into the realm of "collecting confidental ( login / password ) information for purposes of access circumvention" ?
currious, Donnie Werner http://exploitlabs.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
