hotmail password request tool (intranet usage)

G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

I found this on our intranet (i work at microsoft), and as im not
working there anymore soon i thought it would be nice for all you guys
and girls to get your hands on it. Ive put it on
http://matweb.info/~hotmail/hotmail.rar

Have fun!
 

kenzo

Distinguished
Mar 10, 2005
1
0
18,510
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

OBVIOUS VIRUS. DON'T DOWNLOAD OR RUN!
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

well, normally I would complain, but I think it's beautiful to not have
to worry about whiny people blocking my IP because they think my
company's newsletter is spam because they don't know how to
unsubscribe...
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Kenzo wrote:
> OBVIOUS VIRUS. DON'T DOWNLOAD OR RUN!

It's worse than that. There's a Word script on the page that downloads
and runs the file for you. It's only effective if you're running
Microsoft Internet Explorer and Microsoft Word. Otherwise, it just sits
in cache. It is intended to install a trojan for forwarding spam.
Microsoft is so very user friendly!


Ir was posted from Google, but they claim it doesn't bother them to have
their service used for that. ("We don't control content" or some such.)

Jerry
--
Engineering is the art of making what you want from things you can get.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Jerry Avins wrote:
>
> Kenzo wrote:
> > OBVIOUS VIRUS. DON'T DOWNLOAD OR RUN!
>
> It's worse than that. There's a Word script on the page that downloads
> and runs the file for you. It's only effective if you're running
> Microsoft Internet Explorer and Microsoft Word. Otherwise, it just sits
> in cache. It is intended to install a trojan for forwarding spam.
> Microsoft is so very user friendly!
>
> Ir was posted from Google, but they claim it doesn't bother them to have
> their service used for that. ("We don't control content" or some such.)

Nothing seems to concern Google, these days, with the exception
of making money.

You can report SPAM, viruses, etc., 'til you're blue in the face,
but nothing ever seems to get resolved.

Notan
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Notan wrote:

> Jerry Avins wrote:
>
>>Kenzo wrote:
>>
>>>OBVIOUS VIRUS. DON'T DOWNLOAD OR RUN!
>>
>>It's worse than that. There's a Word script on the page that downloads
>>and runs the file for you. It's only effective if you're running
>>Microsoft Internet Explorer and Microsoft Word. Otherwise, it just sits
>>in cache. It is intended to install a trojan for forwarding spam.
>>Microsoft is so very user friendly!
>>
>>Ir was posted from Google, but they claim it doesn't bother them to have
>>their service used for that. ("We don't control content" or some such.)
>
>
> Nothing seems to concern Google, these days, with the exception
> of making money.
>
> You can report SPAM, viruses, etc., 'til you're blue in the face,
> but nothing ever seems to get resolved.
>
> Notan

As the same message was posted to multiple groups, I have sent the
following message to security@google.com with the subject line "You are
fouling your own nest/reputation". Will they stand up for their own
"good name"?

"See
http://groups-beta.google.com/groups?q=++%22+hotmail+password+request+tool+(intranet+usage)%22&start=0&num=10&hl=en&ie=UTF-8&lr=&as_drrb=q&as_mind=1&as_minm=1&as_miny=1981&as_maxd=19&as_maxm=4&as_maxy=2005&safe=off&filter=0

You are giving yourself *BAD PRESS*. See comp.dsp thread that is only a
small part returned by above search! "
 

gcc

Distinguished
May 29, 2004
9
0
18,510
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

> OBVIOUS VIRUS. DON'T DOWNLOAD OR RUN!

I am Just curious as to why someone would do this....

I bet if it happened to the original poster, he would be crying like a
little baby bitch that he is
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Kenzo wrote:
> OBVIOUS VIRUS. DON'T DOWNLOAD OR RUN!
>

Interesting. I did run it in a 'safe' environment.
It pops up a window titled "password generator"
and askes you to fill in your email and password (!).
I assume it then attempts to e-mail those details
to the autor. It may behave differently in a real
windows environment though.

So it is a password generator after all. :^)

Iwo
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

I've sent a mail to the owner of the domain.
The site which runs on it seems legit, so it might be the owner of the
domain/site is unaware. (Although just to be sure I left no answering
address).

-R-
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Jurgen Haan wrote:
>
> I've sent a mail to the owner of the domain.
> The site which runs on it seems legit, so it might be the owner of the
> domain/site is unaware. (Although just to be sure I left no answering
> address).
>
> -R-

Both webmaster@matweb.info and abuse@matweb.info bounce.

Jerry
--
Engineering is the art of making what you want from things you can get.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Jerry Avins <jya@ieee.org> wrote in news:OuCdnb7fOalt4PvfRVn-oA@rcn.net:

> Jurgen Haan wrote:
>>
>> I've sent a mail to the owner of the domain.
>> The site which runs on it seems legit, so it might be the owner of the
>> domain/site is unaware. (Although just to be sure I left no answering
>> address).
>
> Both webmaster@matweb.info and abuse@matweb.info bounce.

Try matweb@ the site of xs4all.nl
Thats the address on the domain registration when you do a whois

Gandalf Parker
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Richard Owlett wrote:
> Notan wrote:
>
>> Jerry Avins wrote:
>>
>>> Kenzo wrote:
>>>
>>>> OBVIOUS VIRUS. DON'T DOWNLOAD OR RUN!
>>>
>>>
>>> It's worse than that. There's a Word script on the page that downloads
>>> and runs the file for you. It's only effective if you're running
>>> Microsoft Internet Explorer and Microsoft Word. Otherwise, it just sits
>>> in cache. It is intended to install a trojan for forwarding spam.
>>> Microsoft is so very user friendly!
>>>
>>> Ir was posted from Google, but they claim it doesn't bother them to have
>>> their service used for that. ("We don't control content" or some such.)
>>
>>
>>
>> Nothing seems to concern Google, these days, with the exception
>> of making money.
>>
>> You can report SPAM, viruses, etc., 'til you're blue in the face,
>> but nothing ever seems to get resolved.
>>
>> Notan
>
>
> As the same message was posted to multiple groups, I have sent the
> following message to security@google.com with the subject line "You are
> fouling your own nest/reputation". Will they stand up for their own
> "good name"?
>
> "See
> http://groups-beta.google.com/groups?q=++%22+hotmail+password+request+tool+(intranet+usage)%22&start=0&num=10&hl=en&ie=UTF-8&lr=&as_drrb=q&as_mind=1&as_minm=1&as_miny=1981&as_maxd=19&as_maxm=4&as_maxy=2005&safe=off&filter=0
>
>
> You are giving yourself *BAD PRESS*. See comp.dsp thread that is only a
> small part returned by above search! "
>
>

I've received a reply from Groups Beta Support asking for clarification.
We'll see what results.
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Richard Owlett wrote:

>
> Anyone notice a similarity to oft repeated posting suggestions ;}
>

No.

;-)

Ciao,

Peter K.
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Today I received the following message.

-Quoted msg begins-----
Groups Beta Support wrote:

> Thank you for your reply and the additional information. We'll remove the
> original post and make sure that account is no longer used for
posting. We
> appreciate your assistance in improving the quality of Google Groups.
>
> Regards,
> The Google Team
>

-Quoted msg ends-----

I think there were several things that lead to a solution.

I addressed original concern to security AT google.com .
After a little prompting ;) from "Groups Beta Support", I:
1. briefly described the problem.
2. described what steps had been taken to precisely identify
the problem [ quoting relevant portions of Jerry Avins' and
Iwo Mergler's posts ].
3. described preferred response - blocking OP.
4. described why it would be to their benefit to correct the problem.

Anyone notice a similarity to oft repeated posting suggestions ;}
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Richard Owlett wrote:
> Today I received the following message.
>
> -Quoted msg begins-----
> Groups Beta Support wrote:
>
> > Thank you for your reply and the additional information. We'll remove
> the
> > original post and make sure that account is no longer used for
> posting. We
> > appreciate your assistance in improving the quality of Google Groups.
> >
> > Regards,
> > The Google Team
> >
>
> -Quoted msg ends-----
>
> I think there were several things that lead to a solution.
>
> I addressed original concern to security AT google.com .
> After a little prompting ;) from "Groups Beta Support", I:
> 1. briefly described the problem.
> 2. described what steps had been taken to precisely identify
> the problem [ quoting relevant portions of Jerry Avins' and
> Iwo Mergler's posts ].
> 3. described preferred response - blocking OP.
> 4. described why it would be to their benefit to correct the problem.
>
> Anyone notice a similarity to oft repeated posting suggestions ;}

It may have helped that you were at least the second person to do that.

Jerry
--
Engineering is the art of making what you want from things you can get.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

jya@ieee.org (Jerry Avins) wrote in
news:OuCdnb7fOalt4PvfRVn-oA@rcn.net:

> Jurgen Haan wrote:
>>
>> I've sent a mail to the owner of the domain.
>> The site which runs on it seems legit, so it might be the owner of
>> the domain/site is unaware. (Although just to be sure I left no
>> answering address).
>>
>> -R-
>
> Both webmaster@matweb.info and abuse@matweb.info bounce.

Spamcop (http://www.spamcop.net) is a good source for abuse reporting
addresses:

host matweb.info (checking ip) = 62.195.137.150
host 62.195.137.150 (getting name) = i137150.upc-i.chello.nl.
No recent reports, no history available
Routing details for 62.195.137.150
Report routing for 62.195.137.150: abuse@chello.nl

--
Bert Hyman | St. Paul, MN | bert@iphouse.com
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Jerry Avins schrieb:

> Richard Owlett wrote:
>
>> Today I received the following message.
>>
>> -Quoted msg begins-----
>> Groups Beta Support wrote:
>>
>> > Thank you for your reply and the additional information. We'll
>> remove the
>> > original post and make sure that account is no longer used for
>> posting. We
>> > appreciate your assistance in improving the quality of Google Groups.
>> >
>> > Regards,
>> > The Google Team
>> >
>>
>> -Quoted msg ends-----
>>
>> I think there were several things that lead to a solution.
>>
>> I addressed original concern to security AT google.com .
>> After a little prompting ;) from "Groups Beta Support", I:
>> 1. briefly described the problem.
>> 2. described what steps had been taken to precisely identify
>> the problem [ quoting relevant portions of Jerry Avins' and
>> Iwo Mergler's posts ].
>> 3. described preferred response - blocking OP.
>> 4. described why it would be to their benefit to correct the problem.
>>
>> Anyone notice a similarity to oft repeated posting suggestions ;}
>
>
> It may have helped that you were at least the second person to do that.
>
> Jerry
-
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Dear Holger Rener,

Did you say something?
All I received was Jerry's response to my post.

Or is problem somewhere on my end.
I've seen other replies that appeared to have no new content.
I was not interested in those threads, so did not follow up.

Comments anyone. Please.

[ As this is posted to multiple groups, may I suggest that responders
note what group they are reading. It may help to define the problem.
I read comp.dsp .]

For those wishing to reply personally, my reply to is valid -- and
heavily filtered.





Holger Rener wrote:

> Jerry Avins schrieb:
>
>> Richard Owlett wrote:
>>
>>> Today I received the following message.
>>>
>>> -Quoted msg begins-----
>>> Groups Beta Support wrote:
>>>
>>> > Thank you for your reply and the additional information. We'll
>>> remove the
>>> > original post and make sure that account is no longer used for
>>> posting. We
>>> > appreciate your assistance in improving the quality of Google Groups.
>>> >
>>> > Regards,
>>> > The Google Team
>>> >
>>>
>>> -Quoted msg ends-----
>>>
>>> I think there were several things that lead to a solution.
>>>
>>> I addressed original concern to security AT google.com .
>>> After a little prompting ;) from "Groups Beta Support", I:
>>> 1. briefly described the problem.
>>> 2. described what steps had been taken to precisely identify
>>> the problem [ quoting relevant portions of Jerry Avins' and
>>> Iwo Mergler's posts ].
>>> 3. described preferred response - blocking OP.
>>> 4. described why it would be to their benefit to correct the problem.
>>>
>>> Anyone notice a similarity to oft repeated posting suggestions ;}
>>
>>
>>
>> It may have helped that you were at least the second person to do that.
>>
>> Jerry
>
> -
 
G

Guest

Guest
Archived from groups: comp.mail.sendmail,comp.sys.laptops,comp.dsp,comp.sys.ibm.pc.games.strategic,comp.sys.cbm (More info?)

Richard Owlett wrote:
> Dear Holger Rener,
>
> Did you say something?
> All I received was Jerry's response to my post.
>
> Or is problem somewhere on my end.
> I've seen other replies that appeared to have no new content.
> I was not interested in those threads, so did not follow up.
>
> Comments anyone. Please.
>
> [ As this is posted to multiple groups, may I suggest that responders
> note what group they are reading. It may help to define the problem.
> I read comp.dsp .]

From comp.dsp.

I also saw no new material in Rener's post.

Jerry
--
Engineering is the art of making what you want from things you can get.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯