POA: Outlook Expresss 6.00May 13 2004 09:40PM http-equiv (at) excite (dot) com [email concealed] (1 malware com)
Thursday, May 13, 2004
The following is exceptionally unusual. For many years post
Outlook Express 4 has been an impossibility to target html or
remote sites directly into the 'window' of an Outlook Express
mail message. That means all links [your basic href] would
invoke the browser accompanied by Outlook Express, one Internet
Explorer, and open content therein.
The following odd-combination 'fluke' returns us to pre-Outlook
Express 5 days by opening both remote and local content inside
the actual mail message itself:
The mail message itself then becomes the browser. Needless to
say that the immediate thought turns to the current stream of
activity ; that being 'phishing'. There is no browser
involvement, there is no address bar and any one of previously
discussed url spoof mechanisms can be deployed to further
substantiate the ruse:
1. Interestingly replying to the mail message will fill in the
href with whatever is stated in the base href
2. about: url protocol functions
3. All content is still processed in the security zone
applicable to the mail clients settings
4. More technical in-depth possibilities can be examined at a
future date
Thursday, May 13, 2004
The following is exceptionally unusual. For many years post
Outlook Express 4 has been an impossibility to target html or
remote sites directly into the 'window' of an Outlook Express
mail message. That means all links [your basic href] would
invoke the browser accompanied by Outlook Express, one Internet
Explorer, and open content therein.
The following odd-combination 'fluke' returns us to pre-Outlook
Express 5 days by opening both remote and local content inside
the actual mail message itself:
[screenshot: http://www.malware.com/poa.png 242KB]
The mail message itself then becomes the browser. Needless to
say that the immediate thought turns to the current stream of
activity ; that being 'phishing'. There is no browser
involvement, there is no address bar and any one of previously
discussed url spoof mechanisms can be deployed to further
substantiate the ruse:
<BASE href=http://www.malware.com target=_top>
<A href="http://www.microsoft.com">http://www.malware.com</A>
Notes:
1. Interestingly replying to the mail message will fill in the
href with whatever is stated in the base href
2. about: url protocol functions
3. All content is still processed in the security zone
applicable to the mail clients settings
4. More technical in-depth possibilities can be examined at a
future date
End Call
--
http://www.malware.com
[ reply ]