• originalucifer
      link
      fedilink
      71 year ago

      the pixel is the just the base unit… expand the exploit and you get ‘images’. any image on the remote site… and from there you could target sites that use imaging for password/username stuff (as a method of preventing text-based exploits).

      the one pixel leads to lots of nonsense

      its a teeny tiny hole, but thats all you need

      • Funderpants
        link
        fedilink
        English
        14
        edit-2
        1 year ago

        That and apparently a lot of time. Am I right in reading it could take hours to leak enough pixels to form an image? So to get a password the password would need to be plain text, visible on the target website, and not be moved, removed or otherwise changed for hours.