Vulnerability Development mailing list archives
Re: MSN messenger service
From: 11a () GMX NET (Bluefish)
Date: Thu, 11 May 2000 21:55:11 +0200
http://nyheter.idg.se/display.pl?ID=000511-CS12 (swedish only. the article is just a few hours old) Anonymous source (spookesman?) within Microsoft claims to have fixed a problem where emails sent to hotmail users could by using .html files make the browser send the attacker the hotmail password (by sending a cookie) Same bug, or just a very similar to the one we were discussing? Is Microsoft monitoring vuln-dev, mayhap? :) There's no information to when the servers were upgraded, just that they were. Also, there's no information about if it is know to have been exploited. ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team On Thu, 20 Apr 2000, Masial wrote:
Hi all, just a few toughts... Microsoft is assuming the following: (a) get you to log onto Hotmail or MSN Messenger (b) get you to leave your computer unattended (c) do this with exactly the right timing in order to copy the file during the very short period that it exists. However, while (A) is obviously required, assuming that (B) and (C) are required for the breach to occur is a bit naive. As John mentioned, i could beef up a little VBScript file that does a little "while true" loop and nabs any .htm containg some string (say "hotmail.com"). That same cute vb script could then do something like open a TCP connection to the other little cute vbs running on my own machine to send him the cool info. I would then have it pop me the hotmail page and read -insert victim here-'s email and whats not. This is, as opposed to what MS says, very trivial. I could code this in about 15mins. Getting the file onto your victim wouldnt be very hard with a bit of creativity and once there it could behave somewhat like the Kak virus (replicates in system and adds itself to the run key, then appends your current signature files). Does anyone see something wrong with this? M.
Current thread:
- Re: MSN messenger service Bluefish (May 11)