lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <008e01c452eb$dca9bc40$e000a8c0@martijnmycom>
Date: Tue, 15 Jun 2004 17:17:24 +0200
From: "Martijn Brinkers" <m.brinkers@...ox.com>
To: <bugtraq@...urityfocus.com>
Subject: ActiveX control download and redirection


Hi,

I have been playing around with ActiveX controls and I noticed that IE shows
the complete URL even though the download has been redirected. From a user
perspective its a bit unclear where the actual ActiveX control is downloaded
from.

example can be found on (a self signed ActiveX control will be downloaded):

http://www.brinkers.cistron.nl/RedirectYahoo.htm

It contains the following <OBJECT> tag.

<OBJECT
   classid="clsid:6A9F9438-754D-4D6A-932C-9C28405634F6"

codebase="http://rds.yahoo.com/*http://www.brinkers.cistron.nl/RedirectTestP
roj1.cab#version=1,0,0,0"
>

IE now shows a dialog ( http://www.brinkers.cistron.nl/activex.jpg )
indicating the ActiveX control comes from:

http://rds.yahoo.com/*http://www.brinkers.cistron.nl/RedirectTestProj1.cab

but it is actually downloaded from http://www.brinkers.cistron.nl

Its probably the correct behavior (by design) but I think it can be misused
in some ways?

Any comments?

Martijn Brinkers

m.brinkers@...ox.com



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ