recently (with permission and as a joke) I sent a friend of mine this image in an ask: https://en0.io/posts/spongebob/sponge.php it's a dynamically generated image with the viewer's IP address and location.
I did this to show a vulnerability with asks. linked images in asks are loaded without a clickthrough like iframely, and asks are a way to send aspecificperson a link.
my proposed vulnerability is as follows:
1) in an ask, link someone an IP logger in the form of an image
2) they open their inbox, loading this image
3) the first person who loads this image is likely to be the person the attacker sent the ask to
4) the attacker now knows the general location of the target
ideally all external links in asks (links not to cohosts cdn) would be handled through iframely.
another possible vuln here is that svgs can be uploaded to cohost's cdn and these can contain links to external sites in the same fashion
meadow
recently (with permission and as a joke) I sent a friend of mine this image in an ask: https://en0.io/posts/spongebob/sponge.php it's a dynamically generated image with the viewer's IP address and location.
post: https://cohost.org/tati/post/3087750-empty
I did this to show a vulnerability with asks. linked images in asks are loaded without a clickthrough like iframely, and asks are a way to send a specific person a link.
my proposed vulnerability is as follows:
1) in an ask, link someone an IP logger in the form of an image
2) they open their inbox, loading this image
3) the first person who loads this image is likely to be the person the attacker sent the ask to
4) the attacker now knows the general location of the target
ideally all external links in asks (links not to cohosts cdn) would be handled through iframely.
another possible vuln here is that svgs can be uploaded to cohost's cdn and these can contain links to external sites in the same fashion
15 people have this problem