Thread: Security talk

Seeing the


  vuln thread I wondered if others are also interested in security talk?

I am deeply into the "reverse engineering with a goal" method of thinking, and generally that goal is to get visitors to a site to do something for me. The biggest hurdle to this is normally the cross domain policies that are in force for


  style comms.

On that note, and to start discussions off, I wonder if any of you have played with the old (partially patched) mhtml: flaw in IE and if so your thoughts with it?


Ask one of your IE using visitors to get that page for you Applause

And to keep Perk scared,


 s' and other Safari based browsers aren't much better !


I think pretty much the best thing ever was when IE would execute code stored in images. I pretty much gave myself root to a shitload of boxes that day. Looking back, not very smart. At the time though, I thought it was rather clever, since the first thing I did was to implement some sneaky changes to the HOSTS file and a little DNS/ARP poisoning. You can probably fill in the blanks here as to how to make money with those methods.

Sorry, your mention of that mhtml vulnerability brought back some memories.

EDIT: Er...root...sorry - "admin" as Windows calls it.


LOL @ JD - the


 s do have some well documented potential vectors, but thus far you'd have to do some somewhat extraordinary things on both my side and their side to break in.

eWeek also had a pretty scathing article about the potentials for hacking, but their proclivities are well known: just today I got the article "Blackberry 8820 a Dream Device" right after I got the "


  is massive security risk" email. They're like the Republicans of technology  Applause

But I'm also good with discussions about security, provided we don't publicly cross any lines that would be unseemly. If there's something too edgy I'll place it ... "Up There" Applause



The GIF89a image thing was wonderful Applause

Perk - got ya
