Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: LinkedIn_User Account Delete using Click jacking

From: hfux0r <hfux0r () gmail com>
Date: Fri, 7 Oct 2011 21:06:02 -0500
Yeah, because it is totally safe to open up anything behind a Shortened URL.  The fact that the FBI is on your ass is 
the only reason I might find this safe :)




On Oct 7, 2011, at 9:36 PM, Laurelai <laurelai () oneechan org> wrote:


On 10/7/2011 3:23 PM, Naresh Jha wrote:


Guys - Correct me if I am wrong but wouldn't macro enabled document be like .docm as per Word 2007+??? 

I mean its a docx file right ....like zip file ... we can extract the contents after changing it into zip ...can't 
we ???

JT

On Fri, Oct 7, 2011 at 5:41 PM, Ferenc Kovacs <tyra3l () gmail com>         wrote:

The document appears to be password protected as well. Ive tried to open it
in a VM and it prompts for a password.


it seems that you missed it:
"Password to access the report is:  8nj98F4h9AW"

--
Ferenc Kovács
@Tyr43l - http://tyrael.hu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


I posted the extracted content already :)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: