Thread: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
View Single Post
Old 16-03-2008, 20:12   #1254
Florence
Inactive
 
Florence's Avatar
 
Join Date: Jun 2003
Services: The wonders of Sky TV BT line and Aquiss.net ADSL cable dies on 5th RIP VM.
Posts: 4,004
Florence has a bronzed appealFlorence has a bronzed appeal
Florence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appealFlorence has a bronzed appeal
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Yet another phorm exploit as found by Mel on ispreview.

http://www.toobadcs.co.uk/phorm/Phor...in_exploit.htm

Quote:
Possible trivial Phorm opt-in "Exploit" discovered
I was doing a tiny bit of research on Phorm last night and it occurred to me that as the Opt-out is cookie based, it should be possible to opt-in an unwilling Phorm ISP customer using cross site request forgery (csrf).

All that's required is an image link which could be hidden on a webpage or in a forum post or blog etc.

Don't worry, no opt-in images here, but you can download my test page from rapidshare.

Download-Link #1: http://rapidshare.com/files/10001349...n_exploit.html

You can check your webwise opt-in/opt-out status here http://webwise.bt.com/webwise/
Sorry if it has already been found..
Florence is offline