Re: HOTMAIL / PASSPORT: phishing expedition

["morning_wood" <se_cur_ity () hotmail com>]

> buddy<iframe src="http://www.malware.com/pithy.html";>
so could this url be considered a "phishing scam" ?
 regardless of your implied intent? It does pretend
to be a genuine login, and i am sure you are collecting successfull
attempts to a log ( right? ). Has your "demo" oversteped the bounds
of  "security research" into the realm of "collecting confidental 
( login / password ) information for purposes of access circumvention" ?

currious,

Donnie Werner
http://exploitlabs.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html