Full Disclosure mailing list archives
Re: IE8 img tag HiJacking
From: T Biehn <tbiehn () gmail com>
Date: Thu, 22 Apr 2010 14:43:27 -0400
Hey, you actually posted information! Congrats! Did you learn about this 'information channel' from your numerous 'blackhat' friends? -Travis On Apr 22, 2010 2:17 PM, "Dan Kaminsky" <dan () doxpara com> wrote: Also, Billy Hoffman has done a lot of fun work in this space, see http://www.gnucitizen.org/blog/javascript-remoting-dangers/ 2010/4/22 Dan Kaminsky <dan () doxpara com>:
Interesting use, using filesize to back into the actual CAPTCHA used for a given query. Sneaky!...
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- IE8 img tag HiJacking Владимир Воронцов (Apr 21)
- Re: IE8 img tag HiJacking T Biehn (Apr 22)
- Re: IE8 img tag HiJacking Dan Kaminsky (Apr 22)
- Re: IE8 img tag HiJacking Dan Kaminsky (Apr 22)
- Message not available
- Re: IE8 img tag HiJacking T Biehn (Apr 22)
- Re: IE8 img tag HiJacking Dan Kaminsky (Apr 22)
- Re: IE8 img tag HiJacking Владимир Воронцов (Apr 22)
- Re: IE8 img tag HiJacking T Biehn (Apr 22)