Full Disclosure mailing list archives
Gmail dangerous attachment type bypass
From: WooYun <root () wooyun org>
Date: Sat, 29 Oct 2011 11:31:20 +0800
Hi Someone report this on wooyun http://www.wooyun.org/bugs/wooyun-2010-03139 Just use Content-Disposition: attachment; filename="trojan.exe." can bypass gmail security check :)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Gmail dangerous attachment type bypass WooYun (Oct 29)