[Solved] How is this even possible?

So, i was on a website trying to contact someone. So as you do i clicked the envelope icon to contact, lo and behold their email provider signin page opened with their login and password prefilled. All i had to do was click login.

How can that even happen? Is the internet really that fragile?

Tinybolt

1 Like

What website was this?

Oh becaue that would be fair. I'v contacted them to let them know since i used to know them well. Once its all cleared up ill divulge more info. More the question though, should this even be possible?

Tinybolt

Were you on their laptop? How does the messaging system work on this site, by redirecting you to some email provider (say, Gmail)?

Nope, one works desktop and have never used a computer of theirs or them of mine. Im thinking it must be part of the HTML that they have added to the page. I just cant imagin that you can include a usename and password in a link?

In theory when one clicks the link and their email address should open in outlook for example. This is just theory since i dont know the design of the website (i have yet to explore the html).

tinybolt

Also some add-ons could be responsibles, if you have it in common with that person! But I really can't imagine how this would happen!

if it uses php then it will either be in the GET or POST stream. If you look at the URL, if you see something like passwrod=this+username=that then it is very insecure as it is using GET stream, whereas in POST that info is not accessable via the URL. So robot wouldn't really know what to do with it, but humans would.

1 Like

Its using a session ID no from what i can tell but the URL hops around quite a bit before it settles down to their actuall email provider app.

tinybolt

session ID's are just used by PHP to basically just keep track of what its doing and where. I've used them before and its quite useful for determing if someone has been to a page or not. But, this is not secure if something is trying to store login information into it. Once the session id is set, it can be read as its in plaintext in the browser cache, so if someone has a malicios page open in another tab this would be big trouble.

Since the url seems to hop around quite a bit it looks like they are trying to do some form of authentication before actually going to the login page. Interesting.

Oh btw this isnt a small email provider, its a telecoms email address. Im no web code expert, i know some basic HMTL and not much else. I would say the website but the internet is a scary place. Maybe @kreestuh @wendell might PM me about this for further discussion?

Tinybolt

you could just PM it to me and I could take a look.

Hows about you tell me what to do, and i do it? Im sure you can understand my apprehension?

tinybolt

meh, don't worry about it then.

Yeah, sending that out to strangers on a forum would be a dumb move.

The issue has been resolved. OP, I edited the title to reflect the current status.

1 Like