Re: [new] www/esniper

Thu, 31 Jan 2019 05:19:58 -0800 


On 1/31/19 2:16 PM, Renaud Allard wrote:



On 1/31/19 1:21 PM, Stuart Henderson wrote:


#7  0x1b83a381 in httpRequest (url=0x6de41680 
"http://my.ebay.com/ws/eBayISAPI.dll?MyeBay&CurrentPage=MyeBayWatching";, 
logUrl=0x0, data=0x3b82df06 "", logData=0x0,

     rt=GET) at http.c:177

#8  0x1b83a058 in httpGet (url=0x6de41680 
"http://my.ebay.com/ws/eBayISAPI.dll?MyeBay&CurrentPage=MyeBayWatching";, 
logUrl=0x0) at http.c:79


http://? Are they nuts? Should be easy enough to fix that, but this is
not a good sign for software that expects you to trust it with your
ebay credentials.



I am under the impression that those requests to http without ssl pages 
come from ebay itself.




Sorry, my bad

auction.c:static const char MYITEMS_URL[] = 
"http://%s/ws/eBayISAPI.dll?MyeBay&CurrentPage=MyeBayWatching";;





Attachment:
smime.p7s

Description: S/MIME Cryptographic Signature






















					Reply via email to