Re: javascript hotmail password trap

From: David L. Nicol (davidat_private)
Date: Mon Apr 26 1999 - 00:18:08 PDT

Next message: 1nternal @geocities.com: "Minor privacy exploit in Outlook Express"

Previous message: David L. Nicol: "Capability OS? ((was Re: stored credentials was: Netscape 4.5"
Maybe in reply to: David L. Nicol: "javascript hotmail password trap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

ha ha.

No, it wasn't a traditional password trap (like yours) but
a javascript which takes advantage of cookie-based security
hooks to contact hotmail's database and change your password.




frisco wrote:
>
> Is that originating page anything like
> http://www-personal.wccnet.org/~frisco/code/assorted/hotmail.html
> ?  It's a page i made a while back to describe some security issues to
> some co-workers.
>
> just curious.
>
> -f
> http://www.peruano.org/
>

________________________________________________________________________
  David Nicol 816.235.1187 UMKC Network Operations davidat_private
    "If you're calling about the Nobel prize, press 4"  GPG+ P+++ e*

Next message: 1nternal @geocities.com: "Minor privacy exploit in Outlook Express"
Previous message: David L. Nicol: "Capability OS? ((was Re: stored credentials was: Netscape 4.5"
Maybe in reply to: David L. Nicol: "javascript hotmail password trap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:43:55 PDT