• originalucifer@moist.catsweat.com
      link
      fedilink
      arrow-up
      9
      arrow-down
      2
      ·
      1 year ago

      the pixel is the just the base unit… expand the exploit and you get ‘images’. any image on the remote site… and from there you could target sites that use imaging for password/username stuff (as a method of preventing text-based exploits).

      the one pixel leads to lots of nonsense

      its a teeny tiny hole, but thats all you need

      • Funderpants @lemmy.ca
        link
        fedilink
        English
        arrow-up
        14
        ·
        edit-2
        1 year ago

        That and apparently a lot of time. Am I right in reading it could take hours to leak enough pixels to form an image? So to get a password the password would need to be plain text, visible on the target website, and not be moved, removed or otherwise changed for hours.