Re: PGP spoof decrypted output?

From: Brian Hatch (vuln-devat_private)
Date: Fri Jun 07 2002 - 10:50:17 PDT

Next message: Rich Henning: "Re: PGP spoof decrypted output?"

Previous message: Tony Camp: "RE: Phone Switches + telephone banking etc"
In reply to: Olaf Kirch: "Re: PGP spoof decrypted output?"
Next in thread: Rich Henning: "Re: PGP spoof decrypted output?"
Next in thread: McAllister, Andrew: "RE: PGP spoof decrypted output?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Of course, this sort
> of spoof will only work on mailers such as mutt where you cannot
> clearly tell PGP output from message content (and you have to pay attention
> to other cues, such as the "s" flag shown in the mail folder listing).

Well in my mutt configuration the pgp verification is in
brown.  Your faux-pgp verification, since it was only
normal message content, was in blue like the rest of the
text and stood out instantly.

That and the fact that I don't have your key on my keyring,
so it wouldn't show the acutal key owner if it were legit.

When I started reading the message I thought gnupg/mutt was
broken and was going to investigate.  Luckily I read your
message before checking it out.


--
Brian Hatch                  Nostalgia isn't
   Systems and                what it used to be.
   Security Engineer
www.hackinglinuxexposed.com

Every message PGP signed

application/pgp-signature attachment: stored

Next message: Rich Henning: "Re: PGP spoof decrypted output?"
Previous message: Tony Camp: "RE: Phone Switches + telephone banking etc"
In reply to: Olaf Kirch: "Re: PGP spoof decrypted output?"
Next in thread: Rich Henning: "Re: PGP spoof decrypted output?"
Next in thread: McAllister, Andrew: "RE: PGP spoof decrypted output?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 07 2002 - 15:41:24 PDT