Re: login yahoogroups.

From: Rafael Anschau (rhanschaat_private)
Date: Sun Jun 30 2002 - 10:17:33 PDT

  • Next message: KF: "Re: Google lists vulnerable sites."

    I conjecture that the extra chars will be stored somewhere and removed later on. Therefore, the login will 
    be parsed "cleanly". 
    
    Question 1: Is it possible to bypass the parser process through characters not included in the
    parser table ? 
    
    Question2: Is  there a naive buffer, without bounderies checking, just awaiting for the  login ?
    
    []'s
    
    Woody
    
    
    > I have several yahoo accounts that have special characters in them (-, @ and
    > $). Yahoo supresses some characters like @ but does not supress dashes or
    > dots.  Spaces are replaced with +'s.  I guess } is supressed; I know this
    > from ymessenger, and since yahoo uses the same authentication scheme for all
    > their services, I'm sure it applies to yahoo groups too.
    > 
    > $0.02
    > 
    > Alonso Caballero said:
    > > Subject: login yahoogroups.
    > >
    > >  Saludos:
    > >
    > >  Well; when i sign in to my account in yahoogroups, i typed other
    > > characters in the end of my yahoo ID, for example:
    > >
    > >  My 'original' yahoo ID is: alabedsarc
    > >
    > >  But i type... pay attention...
    > >
    > >  alabedsarc{
    > 
    > 
    



    This archive was generated by hypermail 2b30 : Sun Jun 30 2002 - 10:35:35 PDT