lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <4aff5567.2501303@sandman.za.net>
Date: Tue, 14 Feb 2006 08:43:03 +0200
From: Markus <full-disclosure@...dman.za.net>
To: Thierry Zoller <Thierry@...ler.lu>,Gadi Evron <ge@...uxbox.org>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: Internet Explorer drag&drop 0day


Hi Thierry Zoller,

I have a couple of problems/questions reguarding your web-site:
On the Secure-It details page [ http://www.sniff-em.com/secureit.shtml ]
under the heading  "Do you have a demonstration ?", both links to the
demo "exploit" are dead.
    [ http://www.freewebs.com/shreddersub7/htm.htm ]
    [ http://www.freewebs.com/shreddersub7/htm.htm%20 ]

My primary concern however is that the method chosen to open those links.
I assume in an attempt to hide the target url you meant to use the
* onclick * javascript event, or even the * onmousedown * or * onmouse * up,
but surely not the * onmouseover * !

You are aware that you current chosen method would have launched your
exploit on the machine of a prospective customer, without so much as a
clicks worth of their consent, had the links worked and by some small
miracle they had disabled pop-up blocking etc.
 
I do wish you the best of luck in your ventures.
Your products appear both useful and interesting.
Please give your web designer a whack on the side of the head though.

Regards
Markus

>Gadi Evron wrote:
>> Dear Gadi Evron,
>> 
>> Just a note Users of Secure-it were already protected against this as
>> it blocks the shell.explorer interface since 2005:
>> 
>> http://www.sniff-em.com  [Freeware]
>
>Cool. Thanks. That's the most polite and non-evasive commercial plug-in 
>I've seen in a while! :)
>
>I mean that!
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ