npub1k2pk25uqk7698nw6klprr73dr7s9fwhn8vugpcdxav9x20vpn26qyskhdz (npub1k2p…khdz) Lol I wasn't into browser x-dev.
What I did do was chain this with the fact that the school webmail client (old-at-the-time build of emumail) didn't have good XSS filtering and would happily render most JavaScript in incoming email.
And the SMTP server didn't require auth so it was trivial to spoof mail from any rpi.edu address to any other.
So i could email a classmate "from" a professor or the president or something and run JavaScript in their mail client.
My demo got the point across and they turned on SMTP auth soon after. Retiring the old webmail client took a while but it eventually went away too.
Andrew Zonenberg /
npub1cd…z9vpd
2024-10-25 09:37:53
in reply to nevent1q…8vdh
Author Public Key
npub1cddglts94qutscms0qpmk87lel9m8xku7q0wr20u2th5fxvvunqqxz9vpdSeen on
wss://relay.nostr.bandPublished at
2024-10-25 09:37:53Event JSON
{
"id": "9fd4ba88c7ab2c02c1bcf8d5d24e680d1d3038275b41dafbbaf8b50c5a75021b",
"pubkey": "c35a8fae05a838b863707803bb1fdfcfcbb39adcf01ee1a9fc52ef44998ce4c0",
"created_at": 1729849073,
"kind": 1,
"tags": [
[
"p",
"b283655380b7b453cddab7c231fa2d1fa054baf33b3880e1a6eb0a653d819ab4",
"wss://relay.mostr.pub"
],
[
"p",
"b5ec721a9eb797a559311e6f43afa263fba71105967ea99fba59268b06f21939",
"wss://relay.mostr.pub"
],
[
"e",
"02e4b52a609edc89e2d25489f37733bff9c3a53aa57dc601759e0a75a6209a65",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://ioc.exchange/users/azonenberg/statuses/113367388869771826",
"activitypub"
]
],
"content": "nostr:npub1k2pk25uqk7698nw6klprr73dr7s9fwhn8vugpcdxav9x20vpn26qyskhdz Lol I wasn't into browser x-dev.\n\nWhat I did do was chain this with the fact that the school webmail client (old-at-the-time build of emumail) didn't have good XSS filtering and would happily render most JavaScript in incoming email.\n\nAnd the SMTP server didn't require auth so it was trivial to spoof mail from any rpi.edu address to any other.\n\nSo i could email a classmate \"from\" a professor or the president or something and run JavaScript in their mail client.\n\nMy demo got the point across and they turned on SMTP auth soon after. Retiring the old webmail client took a while but it eventually went away too.",
"sig": "a8a0703639cbdb79da7c79e1edd083c63071d8e7dcaa2244110039f229cccd553157aa36372d5681baf291316a8cf5992818609041b8e7fe90921b50a0d5e0f7"
}