Full Disclosure mailing list archives
Re: LinkedIn_User Account Delete using Click jacking
From: Laurelai <laurelai () oneechan org>
Date: Sat, 08 Oct 2011 06:31:09 -0500
On 10/7/2011 9:06 PM, hfux0r wrote:
Yeah, because it is totally safe to open up anything behind a Shortened URL. The fact that the FBI is on your ass is the only reason I might find this safe :) On Oct 7, 2011, at 9:36 PM, Laurelai <laurelai () oneechan org <mailto:laurelai () oneechan org>> wrote:On 10/7/2011 3:23 PM, Naresh Jha wrote:Guys - Correct me if I am wrong but wouldn't macro enabled document be like .docm as per Word 2007+??? I mean its a docx file right ....like zip file ... we can extract the contents after changing it into zip ...can't we ??? JT On Fri, Oct 7, 2011 at 5:41 PM, Ferenc Kovacs <tyra3l () gmail com <mailto:tyra3l () gmail com>> wrote: > The document appears to be password protected as well. Ive tried to open it > in a VM and it prompts for a password. it seems that you missed it: "Password to access the report is: 8nj98F4h9AW" -- Ferenc Kovács @Tyr43l - http://tyrael.hu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/I posted the extracted content already :) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
its not a shortened url, its a download/upload service like rapidshare, had you actually clicked it you would know how dumb what you said was.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: LinkedIn_User Account Delete using Click jacking, (continued)
- Re: LinkedIn_User Account Delete using Click jacking Gary Baribault (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking Zachary Hanna (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking xD 0x41 (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking Peter Dawson (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking xD 0x41 (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking Laurelai (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking Ferenc Kovacs (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking Naresh Jha (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking Laurelai (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking hfux0r (Oct 08)
- Re: LinkedIn_User Account Delete using Click jacking Laurelai (Oct 08)
- Re: LinkedIn_User Account Delete using Click jacking Peter Dawson (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking Laurelai (Oct 07)
- Re: LinkedIn_User Account Delete using Click jacking xD 0x41 (Oct 08)
- Re: LinkedIn_User Account Delete using Click jacking Ferenc Kovacs (Oct 09)
- Re: LinkedIn_User Account Delete using Click jacking xD 0x41 (Oct 09)
- Re: LinkedIn_User Account Delete using Click jacking Valdis . Kletnieks (Oct 09)
- Re: LinkedIn_User Account Delete using Click jacking xD 0x41 (Oct 09)
- Re: LinkedIn_User Account Delete using Click jacking adam (Oct 09)
- Re: LinkedIn_User Account Delete using Click jacking xD 0x41 (Oct 09)