[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: javascript hotmail password trap
From:       "David L. Nicol" <david () KASEY ! UMKC ! EDU>
Date:       1999-04-26 7:18:08
[Download RAW message or body]

ha ha.

No, it wasn't a traditional password trap (like yours) but
a javascript which takes advantage of cookie-based security
hooks to contact hotmail's database and change your password.




frisco wrote:
>
> Is that originating page anything like
> http://www-personal.wccnet.org/~frisco/code/assorted/hotmail.html
> ?  It's a page i made a while back to describe some security issues to
> some co-workers.
>
> just curious.
>
> -f
> http://www.peruano.org/
>

________________________________________________________________________
  David Nicol 816.235.1187 UMKC Network Operations david@news.umkc.edu
    "If you're calling about the Nobel prize, press 4"  GPG+ P+++ e*

[prev in list] [next in list] [prev in thread] [next in thread]