Full Disclosure mailing list archives
Re: marc's list getting bigger, grab while you can
From: "Tom Harrison" <Tom.Harrison () e-mis com>
Date: Tue, 16 Jan 2007 09:59:06 -0000
PEBKAC, as usual. There was a spoofed login page at http://www.marcolano.com/login/ (Googlecache vers: http://64.233.183.104/search?q=cache:u2RtwlpBqFcJ:www.marcolano.com/logi n/+inurl:marcolano&hl=en&gl=uk&ct=clnk&cd=2) that was identical to the myspace login page. My guess is that he's bounced people to it either from his "funny" Tom Cruise joke page, http://www.marcolano.com/funny/comic_tomcruise.html, which seems to be a good bit of viral memeing, or the Marc Olano Editor (linked (googlecache) from here: http://64.233.183.104/search?q=cache:AT_1eXGvYf8J:profile.myspace.com/in dex.cfm%3Ffuseaction%3Duser.viewprofile%26friendID%3D19262067+marc+olano +editor+myspace&hl=en&gl=uk&ct=clnk&cd=1) which looks to be a layout creator for myspace pages. Either one would keep within his target demographic of myspace users, though the Tom Cruise one less so. Though I admit I have no idea what "fuseaction=mail.inbox&Mytoken=C4A2B3AF-1320-5CEA-FA0C50BA36B05197421825 75" does, one of the hidden inputs in his spoofed login page. That's from some relatively lo-fi google-fu, a look at the domain gives registration info that's probably relatively current. Maybe someone should call him and ask :)? Tom -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Deepan Sent: 16 January 2007 06:31 To: Emma Perdue Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] marc's list getting bigger, grab while you can On Mon, 2007-01-15 at 12:49 +0000, Emma Perdue wrote:
56000+ myspace accounts (hotmail, yahoo, gmail credentials are bonus) http://www.marcolano.com/login/myspace.txt
Can you give details about the bugs in myspace that you used to hijack the credentails ? Thanks Deepan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- marc's list getting bigger, grab while you can Emma Perdue (Jan 15)
- Re: marc's list getting bigger, grab while you can wilder_jeff Wilder (Jan 15)
- Message not available
- Re: marc's list getting bigger, grab while you can Ag. System Administrator (Jan 15)
- Message not available
- Message not available
- Re: marc's list getting bigger, grab while you can Randal L. Schwartz (Jan 15)
- Re: marc's list getting bigger, grab while you can Alex (Jan 15)
- Re: marc's list getting bigger, grab while you can wilder_jeff Wilder (Jan 15)
- Re: marc's list getting bigger, grab while you can Tom Harrison (Jan 16)