Full Disclosure mailing list archives
RE: Small vulnerability in Canadian Pay Pal SecretQuestion
From: "Dan Clements" <dan () cardcops com>
Date: Fri, 9 Jan 2004 13:04:27 -0800
FYI...
This mini-white paper outlines how hackers and carders migrate or hopscotch between online accounts. These sites are discussed; Amazon, Paypal, Earthlink, and Bank of America, among others. http://www.cardcops.com/account_takeover.htm
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Rob Adams Sent: Friday, January 09, 2004 12:07 PM To: j tole Cc: hostmaster () paypal com; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Small vulnerability in Canadian Pay Pal SecretQuestion j tole wrote, in part:
One of the [Paypal] secret questions you can select when setting up your pay pal account is to enter the last 4 digits of your drivers license. The problem here, is that the last 4 digits of most any canadian drivers license are the month and day that you were born. For example of the last 7 digits of my drivers license were 8-40726 then I would be born on july 26th, 1984. J. Tole a.k.a. ph1zzle jtole2003 () yahoo com
For what it is worth, here in Illinois the last five digits encode your year and date of birth, and gender (the first seven encode your name). For example, a male, born 5/5/1963 would have a license that ends: 63129 See http://www.highprogrammer.com/alan/numbers/dl_us_shared.html for details. Rob Adams _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Small vulnerability in Canadian Pay Pal Secret Question j tole (Jan 09)
- Re: Small vulnerability in Canadian Pay Pal Secret Question Rob Adams (Jan 09)
- RE: Small vulnerability in Canadian Pay Pal SecretQuestion Dan Clements (Jan 09)
- Re: Small vulnerability in Canadian Pay Pal Secret Question Rob Adams (Jan 09)