Full Disclosure mailing list archives
Re: iFriends free video chat exploit
From: Valdis.Kletnieks () vt edu
Date: Fri, 28 Dec 2007 17:51:28 -0500
On Fri, 28 Dec 2007 16:09:23 CST, Ifriends Exploit said:
If you don't have an iFriends account, and do not wish to get one, find a chathost utilizing EasyCam, and enter their Guest Chatroom, follow the steps above, except look for a file named "LSChatViewG.swf" instead... this is the flash file for guest chats. Once you've downloaded this file, you'll need to use a Flash decompiler to decompile this file, and then delete the privacy screen and recompile it.
Gaak. ;) Remember kiddies - friends don't let friends deploy systems that depend on untrusted end hosts to do validation of critical information for them.. .;)
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- iFriends free video chat exploit Ifriends Exploit (Dec 28)
- Re: iFriends free video chat exploit Valdis . Kletnieks (Dec 28)
- Re: iFriends free video chat exploit damncon (Dec 28)
- Re: iFriends free video chat exploit worried security (Dec 28)
- Re: iFriends free video chat exploit damncon (Dec 28)
- Re: iFriends free video chat exploit reepex (Dec 28)
- Re: iFriends free video chat exploit damncon (Dec 29)
- Re: iFriends free video chat exploit damncon (Dec 28)
- Re: iFriends free video chat exploit Valdis . Kletnieks (Dec 28)