Full Disclosure mailing list archives

Re: Drive-by Pharming Threat

From: Gaurang Pandya <gaubrig () yahoo com>
Date: Mon, 19 Feb 2007 22:13:49 -0800 (PST)


--- Andrew Farmer <andfarm () gmail com> wrote:

On 19 Feb 07, at 20:36, Gaurang Pandya wrote:

just wondering why cant simple perl script be used
instead??


Because it's easy to write a web page to make a user
run some Flash.  
Making a user run Perl isn't so easy.

I think just one question of mikeiscool made it clear
to me..correct me if wrong..I cant use perl because
even if I have server in my control it can just emit
html tags..and cant telnet to device providing
username/password using html or even some client
script .

Thanks.

Gaurang.


 
____________________________________________________________________________________
Sucker-punch spam with award-winning protection. 
Try the free Yahoo! Mail Beta.
http://advision.webevents.yahoo.com/mailbeta/features_spam.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Drive-by Pharming Threat auto400208 (Feb 19)
- Re: Drive-by Pharming Threat Andrew Farmer (Feb 19)
- Re: Drive-by Pharming Threat Martin Johns (Feb 19)
  - Re: Drive-by Pharming Threat Gaurang Pandya (Feb 19)
    - Re: Drive-by Pharming Threat mikeiscool (Feb 19)
    - Re: Drive-by Pharming Threat Gaurang Pandya (Feb 19)
    - Re: Drive-by Pharming Threat Andrew Farmer (Feb 19)
    - Re: Drive-by Pharming Threat Gaurang Pandya (Feb 19)
- Re: Drive-by Pharming Threat Jeremy Saintot (Feb 20)
- <Possible follow-ups>
- Re: Drive-by Pharming Threat auto400208 (Feb 20)
- Re: Drive-by Pharming Threat auto400208 (Feb 20)