Message-ID: <875432850907270825o27fd9946j350fadba359aa0f9@mail.gmail.com>
Date: Mon, 27 Jul 2009 21:55:52 +0630
From: "YGN Ethical Hacker Group (http://yehg.net)" <lists@...g.net>
To: xu shaopei <xisigr@...il.com>
Cc: Juan Pablo Lopez Yacubian <jplopezy@...il.com>,
bugtraq@...urityfocus.com
Subject: Re: URL spoofing bug involving Firefox's error pages and document.write

Great!

We should fill in as many %20 as possible to hide the payloads on
some wider screens.
The JavaScript Test 2 example is great for stealth phishing attacks
while status bar spoofing is great for hiding our attack payload.
I also made a record for hiding XSS payload.
http://yehg.net/lab/pr0js/vulnerables/status_bar_url_spoofing.htm

On Mon, Jul 27, 2009 at 6:53 PM, xu shaopei<xisigr@...il.com> wrote:
> Hi, jplopezy:
>
> In "http://hi.baidu.com/xisigr/blog/item/edbcba00011864de267fb55a.html",
> 127.0.0.1 is just a fictitious example.
>
> See real examples: http://xisigr.googlepages.com/firefoxspoofing , test 1
> is mine, test 2 is yours. Some "%20" to display a "white space" in the
> Status Bar.
>
>
> On Mon, Jul 27, 2009 at 5:47 PM, Juan Pablo Lopez
> Yacubian<jplopezy@...il.com> wrote:
>> xisigr
>>
>> In my opinion it is not the same bug because the method is very different, and
>> also your PoC doesn't work. Anyway, for more information you can enter (if
>> you have an account) in Bugzilla; I reported it: 2008-08-23
>>
>> https://bugzilla.mozilla.org/show_bug.cgi?id=451898
>>
>>
>> see you
>>
>> 2009/7/27 xu shaopei <xisigr@...il.com>
>>>
>>> http://hi.baidu.com/xisigr/blog/item/edbcba00011864de267fb55a.html
>>>
>>> On Sat, Jul 25, 2009 at 4:46 AM, <jplopezy@...il.com> wrote:
>>> >
>>> > Application: Firefox 3.0.11
>>> > OS: Windows XP - SP3
>>> > ------------------------------------------------------
>>> > 1 - Description
>>> > 2 - Vulnerability
>>> > 3 - POC/EXPLOIT
>>> > ------------------------------------------------------
>>> > Description
>>> >
>>> > This software is a popular web browser that supports multiple platforms
>>> > such as (Windows, Linux, MacOS).
>>> >
>>> > ------------------------------------------------------
>>> > Vulnerability
>>> >
>>> > The bug is caused when you try to open a URL with an invalid char; at
>>> > this time, you can edit the error page and make a "spoof".
>>> >
>>> > This would not be important because when you make the spoof the "invalid
>>> > web" is loading all the time, but as Firefox allows you to call the "stop"
>>> > method of another page, you can stop this.
>>> >
>>> > The result of this is a fake page.
>>> >
>>> > ------------------------------------------------------
>>> > POC/EXPLOIT
>>> >
>>> > The PoC is a simple script that has a window.open(); it calls the URL
>>> > with an invalid char. The invalid char can be a "," or "%". It is important
>>> > that you add some "%20" to display a "white space" in the URL.
>>> >
>>> > http://es.geocities.com/jplopezy/firefoxspoofing.html
>>> >
>>> > PS: I sent this to Bugzilla
>>> > ------------------------------------------------------
>>> > Juan Pablo Lopez Yacubian
>>
>>
>
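
An added example, not part of the thread or of any poster's code: a link check that flags the "%20" padding and the malformed "%" escape discussed above, reporting what stays visible and what the padding pushes out of view. The function names, the threshold of 8 blanks and the sample URLs are assumptions made for this illustration.

```javascript
// Padding tokens: encoded space/tab/CR/LF, encoded NBSP, or literal whitespace.
const PAD_TOKEN = /%20|%09|%0a|%0d|%c2%a0|\s/gi;
const PAD_RUN = /(?:%20|%09|%0a|%0d|%c2%a0|\s)+/gi;
// A "%" not followed by two hex digits is a malformed percent-escape.
const BAD_ESCAPE = /%(?![0-9a-f]{2})/i;

// Inspect one URL string. minRun (hypothetical threshold) is the number of
// consecutive displayed blanks treated as deliberate padding.
function inspectUrl(url, minRun = 8) {
  let longest = { count: 0, index: -1, length: 0 };
  for (const m of url.matchAll(PAD_RUN)) {
    const count = m[0].match(PAD_TOKEN).length; // blanks shown, not bytes
    if (count > longest.count) {
      longest = { count, index: m.index, length: m[0].length };
    }
  }
  const padded = longest.count >= minRun;
  return {
    url,
    padded,
    padCount: longest.count,
    // What a user sees in the location or status bar before the blank run.
    visiblePart: padded ? url.slice(0, longest.index) : url,
    // What the blank run pushes off the right-hand edge.
    hiddenTail: padded ? url.slice(longest.index + longest.length) : "",
    malformedEscape: BAD_ESCAPE.test(url),
  };
}

// Keep only the links that deserve a closer look.
function flagSuspicious(urls, minRun = 8) {
  return urls
    .map((u) => inspectUrl(u, minRun))
    .filter((r) => r.padded || r.malformedEscape);
}

// Constructed sample links; the hosts are reserved placeholder names.
const samples = [
  "http://example.test/login?next=/home",
  "http://example.test/a%20b%20c.html",
  "http://site.example.test/" + "%20".repeat(40) + "?q=tail-pushed-out-of-view",
  "http://example.invalid/%",
];

for (const r of flagSuspicious(samples)) {
  console.log(r.padCount, r.malformedEscape, JSON.stringify(r.visiblePart), JSON.stringify(r.hiddenTail));
}
```

Ordinary encoded spaces in file names stay below the threshold, so only the long run and the bare "%" are reported.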