The same company has been harassing for the better part a year now wanting to buy a property I don’t own. I have filled a DO NOT CALL registration, I have blocked their numbers multiple times, I have told them to stop calling and to remove my name from their list, and now I’m getting maybe 1 or 2 calls a day and multiple texts.

  • remotelove
    link
    fedilink
    arrow-up
    4
    ·
    11 months ago

    You can find payload lists out there in the wild. Here is a repository filled with them: https://github.com/payloadbox

    We use lists like these, which are generally benign, to test websites for vulnerabilities. My theory is that the software they use to manage these text messages is probably web based and not designed for this kind of input. XSS like this, if executed, could cause an endless stream of popups on their side similar the days of the wild wild web. It’s not going to hurt anything, but they won’t want to reference my text logs any more.

    Obviously, there are a ton of caveats. Depending on how the message is secured in transit, your carrier might block it. I dunno as I have never worked in the mobile security space. You might piss your own phone off. You might break your own message histories…

    There are a ton of unknowns, btw. I personally don’t give a fuck about any of them.