|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Tom Micklovitch (h_bugtraq
yahoo.com)Date: Fri Feb 08 2002 - 04:04:38 CST
Exploit:
Register an account for MSN messenger, make some
contact email addresses, leave the account for 31
days. On a different machine (to ensure there's
no cache), go to the sign up section of MSN
messenger, sign up again, using the same screen
name. You'll be able to see the previous user's
contact list.
None of the contacts will have been alerted to
the fact that the new username actully belong to
an entirely different person, so they'll still be
sending messages, and if the new user is a haxor,
(s)he'll be replying just as if (s)he's the
original user.
I alerted Microsoft on monday, and have recieved
no reply. so there. :)
happy hacking.
=====
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12 - www.ebb.org/ungeek/
GIT d--- s--:- a--- C++++ UL++ P+ L+ E--- W+++ N- o-- K- w
O- M-- V- PS+++ PE-- Y+ PGP++ t+ 5- X+ R tv-- b+ DI++ D+
G+ e* h r++ y+++
------END GEEK CODE BLOCK------
__________________________________________________
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]