Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Messenger Pro 3 from Clickatell.{Allows you to spoof Mobile Numbers}

Messenger Pro 3 from Clickatell.{Allows you to spoof Mobile Numbers}

From: Jignesh Ghaghada <jghaghada_at_treadsetters.com>
Date: 17 Feb 2004 11:00:41 -0000
('binary' encoding is not supported, stored as-is) Messenger Pro 3 from Clickatell.com has a security issue which allows a person to input any mobile number and send a txt message which can cause problems. After installing the software you are able to login and get 5 free messages or credits. You can register as many times as you want getting 5 credits after you have finished or used up your credits allowing you to send multiple messages. Under the options tab of the program there is an Extra setting which allows you to put in a Sender Id:. under this option you can input any mobile number and send the text which sends a txt message as showing it coming from someone else. I.E. Spoofing.Example:

A No: +123456789
B No: +987654321
C No: +147258369

Let us say that you wanted to send a message to B but didnt want to show your number but wanted C's No to appear you can input C's No and send the message. {Spoofing}.

I am not quite versatile with explaining it in full detail but this is all i can write.

Thanks

Jignesh Ghaghada
Received on Feb 17 2004
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos