Using mail.139.com, due to lax message body filtering, leading to xss flaw exists to trigger browser to read the remote js scr ipt, and execute the scr ipt. The scr ipt can IE browsers. Meanwhile, after analysis, mail.139.com send mail function in the presence CSRF vulnerability can send mail through the Ajax technology needed for mid value. Another mailbox " address book" in the contact e-mail can be removed directly through the javascr ipt.

139邮箱蠕虫编写实例\139邮箱蠕虫编写实例 .txt
139邮箱蠕虫编写实例

• We are an exchange download platform that only provides communication channels. The downloaded content comes from the internet. Except for download issues, please Google on your own.
• The downloaded content is provided for members to upload. If it unintentionally infringes on your copyright, please contact us.
• Please use Winrar for decompression tools
• If download fail, Try it againg or Feedback to us.
• If downloaded content did not match the introduction, Feedback to us，Confirm and will be refund.
• Before downloading, you can inquire through the uploaded person information

Nothing．