Log in

No account? Create an account
log f-list backlog .nfo weev.net back back forward forward
http://encyclopediadramatica.com/Firefox_XPS_IRC_Attack 0day… - Andrew Auernheimer — LiveJournal
Oðinnsson. Market abuser. Internationally notorious computer criminal.
5 comments / leave comment
weev From: weev Date: January 28th, 2010 03:54 pm (UTC) (link)
#1 -- for sure. i've got a PoC on TCP SIP devices, as well as some other fun stuff in the works I don't want to talk about.

#2 -- probably never

#3 -- IE's domain security model simply doesnt allow you to do it. it isn't about blocked ports.
(Deleted comment)
weev From: weev Date: January 28th, 2010 06:07 pm (UTC) (link)
no. it can submit a form to another domain, easy. you just can't shove more shit down the socket that isn't included in the args for the initial POST. and it's all going to be nicely encoded as an HTTP header should be according to the RFC, and not going to be able to be parsed as another protocol very easily.
5 comments / leave comment