• originalucifer
    link
    fedilink
    71 year ago

    the pixel is the just the base unit… expand the exploit and you get ‘images’. any image on the remote site… and from there you could target sites that use imaging for password/username stuff (as a method of preventing text-based exploits).

    the one pixel leads to lots of nonsense

    its a teeny tiny hole, but thats all you need

    • Funderpants
      link
      fedilink
      English
      14
      edit-2
      1 year ago

      That and apparently a lot of time. Am I right in reading it could take hours to leak enough pixels to form an image? So to get a password the password would need to be plain text, visible on the target website, and not be moved, removed or otherwise changed for hours.