Bugtraq mailing list archives
Re: Hotmail message view exploit
From: Scott Gifford <sgifford () tir com>
Date: 19 Aug 2001 22:48:00 -0400
"Jome" <jome () emoj net> writes:
> It also helps to know that from the message numbers in your own hotmail inbox, you can see about what time each message number was used. E.g.: MSG997936971.27 arrived on 16.08.2001. MSG996698372.27 arrived on 01.08.2001. MSG975960863.0 arrived on 04.12.2000. The number after MSG and before the dot (i.e. 997936971, 996698372 and 975960863) is a UNIX timestamp, which means, if I've understood this correctly, that you have to know exactly when a message has arrived. I don't know about the number after the dot, but it may be the number of the message received at that exact second. Even if you have a scanner, wouldn't it be thousands of messages to scan even if you knew which minute a message has arrived?
The standard UNIX timestamp only has a resolution of 1 second. If that is indeed what they're using, there would only be 60 messages to scan if you knew what minute the message came in, 3600 if you knew what hour, and 86400 if you knew what day. If the part after the dot is hundredths-of-second instead of a counter of messages received in the same second, it's trickier; multiply all of the numbers above by 100.
From the above example, though, it looks more likely that it represents some kind of status. Odds of there being 27 messages received in the same second on two different occasions are slim, and the odds that two messages were both received at 27/100ths of a second are 1/100, which isn't all that likely either. How that affected the time required for scans depends on how many statuses there are, and how common each is.

-----ScottG.
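
As an added illustration (not part of the original messages), the Python sketch below decodes the three message IDs quoted in the thread and expresses the candidate counts discussed above as bits of unpredictability, next to a random 128-bit token. The function names, the UTC interpretation of the timestamps and the 128-bit comparison are assumptions made for this example.

```python
import math
import re
from datetime import datetime, timezone

# Message IDs quoted in the thread.
SAMPLE_IDS = ["MSG997936971.27", "MSG996698372.27", "MSG975960863.0"]
ID_RE = re.compile(r"^MSG(\d+)\.(\d+)$")


def parse_id(msg_id):
    """Return (UTC datetime, suffix); assumes the prefix is a UNIX timestamp."""
    m = ID_RE.match(msg_id)
    if not m:
        raise ValueError(f"unrecognised ID format: {msg_id!r}")
    ts, suffix = int(m.group(1)), int(m.group(2))
    return datetime.fromtimestamp(ts, tz=timezone.utc), suffix


def candidates(window_seconds, suffix_values):
    """Distinct IDs possible when arrival time is known to within the window."""
    return window_seconds * suffix_values


def entropy_bits(n):
    """Bits of unpredictability in an identifier drawn from n possibilities."""
    return math.log2(n)


def report():
    """Candidate counts for each time window under both suffix hypotheses."""
    rows = []
    for label, window in (("minute", 60), ("hour", 3600), ("day", 86400)):
        # 1 = suffix already known or fixed; 100 = suffix is hundredths of a second
        for suffix_values in (1, 100):
            n = candidates(window, suffix_values)
            rows.append((label, suffix_values, n, entropy_bits(n)))
    return rows


if __name__ == "__main__":
    for mid in SAMPLE_IDS:
        when, suffix = parse_id(mid)
        print(f"{mid}: {when:%Y-%m-%d %H:%M:%S} UTC, suffix {suffix}")
    for label, suffix_values, n, bits in report():
        print(f"known {label:6} x {suffix_values:3} suffixes: {n:>8} IDs = {bits:4.1f} bits")
    print("random 128-bit token: 128.0 bits")
```

Even in the widest case considered in the thread (a full day with a hundredths-of-second suffix) the identifier carries fewer than 24 bits, which is why unguessable identifiers are generated from a cryptographic random source and access is still checked against the session.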