Bugtraq mailing list archives
E-Mail header Injection in HiFriend
From: Peter Wiesen <broken-error () hotmail com>
Date: Mon, 21 Jul 2008 20:01:18 +0200
------------------------------------ -------Header Injection---------- ------------------------------------ Script: hifriend.pl Vendor: Hibyte SoftwareVersion: The free one you get from many webpages Dork: "hifriend.pl" + "cgi-bin" ------------------------------------ ---------------Infos--------------- ------------------------------------ This Exploit allows you to: * send spam * send fakemails * E-Mail spoofing Whit the google dork, you find a lot of pages using HiFriend. A lot of Servers to send spam with. Modify the source of the Exploit to change the message, your spoofed e-mail, and the receiver. Oh and you can send multiple mails! Just put a comma behind a mail adress. ------------------------------------ --------------Exploit--------------- ------------------------------------ http://perforin.dark-codez.com/Perl-Scripts/hifriend-xploit.txt ------------------------------------ ---------Visit & Greetings-------- ------------------------------------ www.DarK-CodeZ.com Greetings to all my Friends ;) _________________________________________________________________ Testen Sie Live.com - die schnelle, personalisierte Homepage, über die Sie auf alle für Sie relevanten Inhalte zentral zugreifen können. http://www.live.com/getstarted
Current thread:
- E-Mail header Injection in HiFriend Peter Wiesen (Jul 21)
- Re: E-Mail header Injection in HiFriend Adrian Pastor (Jul 29)