Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Using HTML errors to steal MySpace accounts

From: batchwork () arcor de
Date: Fri, 26 May 2006 05:02:00 +0200 (CEST)
If you post a bulltin with the following content, a Box will appear above the
bulletin for the reading users. Easy to blurb something about a MySpace
Security Center and lead the user to a fake site where they need to input
email adresses and passwords:

-
This is a bulletin, and it looks pretty nice.</td>Everything after the tag 
will appear ABOVE the bulletin.
-

Greetings,
Batchwork

--
freemail adverts:

Viel oder wenig? Schnell oder langsam? Unbegrenzt surfen + telefonieren
ohne Zeit- und Volumenbegrenzung? DAS TOP ANGEBOT JETZT bei Arcor: günstig
und schnell mit DSL - das All-Inclusive-Paket für clevere Doppel-Sparer,
nur  44,85 €  inkl. DSL- und ISDN-Grundgebühr!
http://www.arcor.de/rd/emf-dsl-2

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: