Re: [Full-disclosure] Gmail emails issue
Dude, screw yahoo..who cares !! Everyone here, is posting using gmail , includingyourself !! Yeah, n3dt3v, dude, just calm down.. Chill. Don't worry about Yahoo, YServer.exe and all that stuff... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gmail emails issue
Hi:Worried about a temp file in gmail servers and not by the fact that using a browser your mails goes who knows where server in plain text? Except for the login part that uses SSL of course. Somebody could be sniffing :D regardsWACOn 8/4/06, 6ackpace [EMAIL PROTECTED] wrote: Hi All, Gmail stores mails in Temp folder for faster access.but i have observer it fails toremove mail from the temp files after the session is ended. any user who has access physical access to the system can read mail and contact information of the Gmail user. Discloses information which is private and confidential? thank you ratna ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Gmail emails issue
Hi All, Gmail stores mails in Temp folder for faster access.but i have observer it fails toremove mail from the temp files after the session is ended. any user who has access physical access to the system can read mail and contact information of the Gmail user. Discloses information which is private and confidential? thank you ratna ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gmail emails issue
I'm reading your message in gmail and there is nothing in my temp folder... not that i'd expect there to be. Gmail can't just create files on your computer without your permission, it it can your settings are wrong or your browser is broken. In other words if your gmail mails are ending up in your temp folder your web browser is putting them there... what browser are you using BTW. I'm using firefox and it doesn't store my mails in the temp folder under my NT account. -sb On 8/4/06, 6ackpace [EMAIL PROTECTED] wrote: Hi All, Gmail stores mails in Temp folder for faster access.but i have observer it fails to remove mail from the temp files after the session is ended. any user who has access physical access to the system can read mail and contact information of the Gmail user. Discloses information which is private and confidential? thank you ratna ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gmail emails issue
He means a temp folder on the gmail server.I verified an attachment being available even after being signed out.On 04/08/06, Stan Bubrouski [EMAIL PROTECTED] wrote:I'm reading your message in gmail and there is nothing in my temp folder... not that i'd expect there to be.Gmail can't just createfiles on your computer without your permission, it it can yoursettings are wrong or your browser is broken.In other words if yourgmail mails are ending up in your temp folder your web browser is putting them there...what browser are you using BTW.I'm usingfirefox and it doesn't store my mails in the temp folder under my NTaccount.-sbOn 8/4/06, 6ackpace [EMAIL PROTECTED] wrote: Hi All, Gmail stores mails in Temp folder for faster access.but i have observer it fails to remove mail from the temp files after the session is ended. any user who has access physical access to the system can read mail and contact information of the Gmail user. Discloses information which is private and confidential? thank you ratna ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/___ Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gmail emails issue
if thats on the gmail server, then the same gmail servers /clusters hold all other information collateral .. that is CC#, Phones, names. pwds etc ...andwhen GHhealth comes out your blood type and if you want your SIN# too..!! So whats the big deal with the temp folder atthe server end being unflushed ? Bad practice or a secruity risk. temp folder on the gmail server. I verified an attachment being available even after being signed out .. and then my primary question would be .. how did you peek into the gserver cluster ?? could you share that info ?? or is this domain hosting your talking about ?? /pd On 8/4/06, Thomas Pollet [EMAIL PROTECTED] wrote: He means a temp folder on the gmail server.I verified an attachment being available even after being signed out. On 04/08/06, Stan Bubrouski [EMAIL PROTECTED] wrote: I'm reading your message in gmail and there is nothing in my temp folder... not that i'd expect there to be.Gmail can't just create files on your computer without your permission, it it can yoursettings are wrong or your browser is broken.In other words if yourgmail mails are ending up in your temp folder your web browser is putting them there...what browser are you using BTW.I'm using firefox and it doesn't store my mails in the temp folder under my NTaccount.-sbOn 8/4/06, 6ackpace [EMAIL PROTECTED] wrote: Hi All, Gmail stores mails in Temp folder for faster access.but i have observer it fails to remove mail from the temp files after the session is ended. any user who has access physical access to the system can read mail and contact information of the Gmail user. Discloses information which is private and confidential? thank you ratna ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ -- http://peterdawson.typepad.comPeterDawson Home of ThoughtFlickr's This message is printed on Recycled Electrons. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gmail emails issue
As I see it, the real issue is just how secure do you think email really is? If someone really wants to read that FW you sent to your mom, there are plenty ways for them to do this, especially if they have physical access to the computer you used. Computer Forensics can be quite interesting and with the right tools and know-how, it's really not that difficult to look at websites you've been to (even if you cleared your history), including web-mail pages. As far as Gmail retaining a copy on the server or not, it makes perfect since for them to store copies to allow for retransmission of the message in the case of an error, not to mention how your Sent Mail folder does in fact reside on their servers. Bottom line: Email is NOT a secure communications medium and should not be relied on as if it were. If the information you are sending/receiving is of a particularly sensitive nature, I would suggest you find some other medium, such as SSL with encryption. -John -- There is intelligence is in having all the answers, but wisdom lies in knowing which of the questions to answer. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gmail emails issue
On 8/4/06, Peter Dawson [EMAIL PROTECTED] wrote: if thats on the gmail server, then the same gmail servers /clusters hold all other information collateral .. that is CC#, Phones, names. pwds etc ...andwhen GHhealth comes out your blood type and if you want your SIN# too..!! So whats the big deal with the temp folder atthe server end being unflushed ? Bad practice or a secruity risk. temp folder on the gmail server. I verified an attachment being available even after being signed out .. and then my primary question would be .. how did you peek into the gserver cluster ?? could you share that info ?? or is this domain hosting your talking about ?? /pd On 8/4/06, Thomas Pollet [EMAIL PROTECTED] wrote: He means a temp folder on the gmail server.I verified an attachment being available even after being signed out. On 04/08/06, Stan Bubrouski [EMAIL PROTECTED] wrote: I'm reading your message in gmail and there is nothing in my temp folder... not that i'd expect there to be.Gmail can't just create files on your computer without your permission, it it can yoursettings are wrong or your browser is broken.In other words if yourgmail mails are ending up in your temp folder your web browser is putting them there...what browser are you using BTW.I'm using firefox and it doesn't store my mails in the temp folder under my NTaccount.-sbOn 8/4/06, 6ackpace [EMAIL PROTECTED] wrote: Hi All, Gmail stores mails in Temp folder for faster access.but i have observer it fails to remove mail from the temp files after the session is ended. any user who has access physical access to the system can read mail and contact information of the Gmail user. Discloses information which is private and confidential? thank you ratna ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ -- http://peterdawson.typepad.comPeterDawson Home of ThoughtFlickr's This message is printed on Recycled Electrons. ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ The same happens on Yahoo Messenger file share. If the client cannot connect peer to peer then the file being sent will be stored on the server as a temp file. The Yahoo system cannot verify that the file has been successfully downloaded by the intended party, so the file is left on the server, until Yahoo decides to expire the file. What folks were doing is linking the temp files to victims (via any chat or e-mail), the file extension could be anything, so the malicious file was being used in virus and phishing runs. The hacker would keep rotating the temp file storage system, everytime the file expired (which can be hours at a time, enough time to infect and phish your way through thousands of hosts), therefore you have continued storage of virus and phishing on the Yahoo servers, undetected. The Yahoo virus and phishing detection system trusts ' yahoo.com', so it isn't stored on their anti-spam url collection system, and even if it did, the unique temp file URL is changing every rotation, everytime the temp file expires, so the URL is always changing its character, so stayed trusted and stealth. This was being exploited by my connections three or so years ago, although, yahoo was contacted in private, I think it was treated as a non-issue. Lolz. Can someone check0r it out and tell me it can still be exploited today? :) I'll need to check0r it out too. Thats Yahoo for you. Sorry to poison a Gmail thread with this, but it just reminded me of what we exploit on Yahoo :) haw haw haw... keep hax0ring peeps. I grew up with the vulnerability in my teen years, it was so common place, no one thought to report it, but eventually I stopped using Yahoo Messenger temp file storage for when we blocked the peer to peer via our programs, but yeah, I forgot to check if they patched it. Many good lucks and researchingI expect someone with a formal advisory to be posting what i'm talking about in the coming dazepeace out for now my homies. Long live server side temp file storage on Yahoo, it rocks vxers socks. Shouts to [EMAIL PROTECTED] who was the security engineer at the time I reported it to him, so the buck stops at him, I believe the buck should stop with someone in YAHOO, and should not get away with sloppy security. [EMAIL PROTECTED] is still off the hook for the Yahoo Finance
Re: [Full-disclosure] Gmail emails issue
On 8/4/06, Stan Bubrouski [EMAIL PROTECTED] wrote: I'm reading your message in gmail and there is nothing in my tempfolder... not that i'd expect there to be.Gmail can't just create files on your computer without your permission, it it can yoursettings are wrong or your browser is broken.In other words if yourgmail mails are ending up in your temp folder your web browser isputting them there...what browser are you using BTW.I'm using firefox and it doesn't store my mails in the temp folder under my NTaccount.-sb You're wrong there, lets look at Yahoo Messenger: yupdater.exe The above little executable stays in the default Yahoo Messenger directory and can modify any files within that directory and sub-directories, the yupdater.exe can create and delete any file in those directories, and has the power to create new files and folders on the command of Yahoo. At no time is there notification by Yahoo to the end-user. I've witnessed when Yahoo were testing their backend anti-spam system, that blank folders were appearing within the default Yahoo Messenger directory. If an attacker can hack Yahoo and control everyones yupdater.exe then Yahoo will turn into a very dark place. Here is another executable that does discrete little directory updates to your system without end-user interaction or notification: YServer.exe We tried to protest what Yahoo was doing other the years in private, and even thought at one point about putting out trojan horses and viruses under the same file names so Symantec etc would flag them as malware, although we didn't So yeah, Yahoo have the ability to and do infact modify your system without permission :) This is done randomly at Yahoo's own discretion and is seperate from legitmate announced Yahoo Messenger updates :) Its about time Yahoo came clean about yupdater.exe and YServer.exe instead of anonymously sending commands to operating systems, to modify, delete and create files and (or) folders without anyone knowing. No one is saying Yahoo is doing anything evil, but what if an accident happened? Yahoo would get its ass kicked No one can say what unexpected modifications to folder and files might do to individual end-user systems. Yahoo, sort yourselves out. Foul play ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gmail emails issue
==You're wrong there, lets look at Yahoo Messenger Dude, screw yahoo..who cares !! Everyone here, is posting using gmail , includingyourself !! On 8/4/06, n3td3v [EMAIL PROTECTED] wrote: On 8/4/06, Stan Bubrouski [EMAIL PROTECTED] wrote: I'm reading your message in gmail and there is nothing in my tempfolder... not that i'd expect there to be.Gmail can't just create files on your computer without your permission, it it can yoursettings are wrong or your browser is broken.In other words if yourgmail mails are ending up in your temp folder your web browser isputting them there...what browser are you using BTW.I'm using firefox and it doesn't store my mails in the temp folder under my NTaccount.-sb You're wrong there, lets look at Yahoo Messenger: yupdater.exe The above little executable stays in the default Yahoo Messenger directory and can modify any files within that directory and sub-directories, the yupdater.exe can create and delete any file in those directories, and has the power to create new files and folders on the command of Yahoo. At no time is there notification by Yahoo to the end-user. I've witnessed when Yahoo were testing their backend anti-spam system, that blank folders were appearing within the default Yahoo Messenger directory. If an attacker can hack Yahoo and control everyones yupdater.exe then Yahoo will turn into a very dark place. Here is another executable that does discrete little directory updates to your system without end-user interaction or notification: YServer.exe We tried to protest what Yahoo was doing other the years in private, and even thought at one point about putting out trojan horses and viruses under the same file names so Symantec etc would flag them as malware, although we didn't So yeah, Yahoo have the ability to and do infact modify your system without permission :) This is done randomly at Yahoo's own discretion and is seperate from legitmate announced Yahoo Messenger updates :) Its about time Yahoo came clean about yupdater.exe and YServer.exe instead of anonymously sending commands to operating systems, to modify, delete and create files and (or) folders without anyone knowing. No one is saying Yahoo is doing anything evil, but what if an accident happened? Yahoo would get its ass kicked No one can say what unexpected modifications to folder and files might do to individual end-user systems. Yahoo, sort yourselves out. Foul play ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ -- http://peterdawson.typepad.comPeterDawson Home of ThoughtFlickr's This message is printed on Recycled Electrons. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
