lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <FCAD9F541A8E8A44881527A6792F892C307B3E@owa.eeye.com>
Date: Mon, 12 Jul 2004 15:04:10 -0700
From: "Drew Copley" <dcopley@...e.com>
To: "Polazzo Justin" <Justin.Polazzo@...ilities.gatech.edu>
Cc: <bugtraq@...urityfocus.com>
Subject: RE: MSIE Download Window Filename + Filetype Spoofing Vulnerability


 

> -----Original Message-----
> From: Polazzo Justin [mailto:Justin.Polazzo@...ilities.gatech.edu] 
> Sent: Monday, July 12, 2004 12:22 PM
> To: Drew Copley
> Cc: bugtraq@...urityfocus.com
> Subject: RE: MSIE Download Window Filename + Filetype 
> Spoofing Vulnerability
> 
> Should you not be able to tile your gui any way you please? 

You can title your UI anyway you please.

> 
> Someone may be thinking that you could put an image in front 
> of the security box in order to trick users into clicking on 
> "open" without knowledge. I noticed that you cant click on 
> the buttons when the image is in front of them.
> 

I haven't checked out the new demo, but it is inconsquential,
you can totally change the contents of the window so that "No"
becomes "yes", or "yes" becomes "no", or whatever else. [By
stating, "Do Not Run This App", for instance, turns the positive
into the negative.]

"Close this window"?

"Yes".

Boom.

There are countless variations on this as you can put in there,
around there, all around anything you want.

It is a pain to make a really good demo, though, this is
why no one has probably messed with it. And, it is likely
too old for the current wave of criminals to get a handle
on it.

Well, not anymore. But, thankfully, Microsoft fixed this in
SP 2. Hopefully everyone else will get this fix in their
IE as well.


> Would you be able to have an insane speed at which the object 
> moves over the buttons, or a  pulse action to where the image 
> would appear to be solid, but would still select "open" when pressed?

Yeah, you can probably flicker it and hide it as well.

Really, the exploitation is for an artist...

> 
> jp
> 
> -----Original Message-----
> From: Drew Copley [mailto:dcopley@...e.com]
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ