Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

From: adam <adam () papsy net>
Date: Sun, 12 Jun 2011 00:07:08 -0500
That about sums it up, although he unsubscribed from the list so I've CC'd
him.

If you're bored, look at the quoted conversation below. He went into a
complete nerd rage after unsubscribing, all because we wouldn't take his *
exploit* seriously.

On Sun, Jun 12, 2011 at 12:01 AM, ghost <ghosts () gmail com> wrote:


From what i've gathered... you believe that Anchor Text<http://en.wikipedia.org/wiki/Anchor_text> is

an exploit ? ......cereal<http://dictionary.reference.com/browse/seriously>
 ?


On Sat, Jun 11, 2011 at 8:09 PM, -= Glowing Doom =- <secn3t () gmail com>wrote:


Here again....

I will write a sentence now, and, i will just copy, so it is 'darkened'
text , then with NO backspace just leave the text darkened, and goto 'link'
, and enter a link.. the text will turn to red.


(this is the easiest way to reproduce it...) <http://www.haxxor-NOT.bs>






_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: