Full Disclosure mailing list archives
Using HTML errors to steal MySpace accounts
From: batchwork () arcor de
Date: Fri, 26 May 2006 05:02:00 +0200 (CEST)
If you post a bulltin with the following content, a Box will appear above the bulletin for the reading users. Easy to blurb something about a MySpace Security Center and lead the user to a fake site where they need to input email adresses and passwords: - This is a bulletin, and it looks pretty nice.</td>Everything after the tag will appear ABOVE the bulletin. - Greetings, Batchwork -- freemail adverts: Viel oder wenig? Schnell oder langsam? Unbegrenzt surfen + telefonieren ohne Zeit- und Volumenbegrenzung? DAS TOP ANGEBOT JETZT bei Arcor: günstig und schnell mit DSL - das All-Inclusive-Paket für clevere Doppel-Sparer, nur 44,85 inkl. DSL- und ISDN-Grundgebühr! http://www.arcor.de/rd/emf-dsl-2 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Using HTML errors to steal MySpace accounts batchwork (May 25)