Open Source and information security mailing list archives
From: 1 at malware.com (http-equiv@...ite.com)
Subject: SUPER SPOOF DELUXE Re: Microsoft and Security

> On the subject of IE bugs, I am running SP2 RC2, IE6.0.2900.2149 today I
> opened a window
> http://www.asus.com/products/server/srv-mb/ncch-dl/overview.htm
> In another IE window I had www.ingrammicro.com/uk open
>
> When I click on the picture of the motherboard in the first page to enlarge
> it, it changes the ingrammicro page to have the picture of the motherboard
> in it but still displays the ingrammicro page title in the browser bar, and
> the top "frame" of the ingrammicro page....
>
> Weird one, I don’t know if it is restricted to this build of IE though
> HTH
> Mark

This is unbelievable. Super Spoof DeLuxe !

Simply knowing the frame name of the target site we can modify the asus.com crazy code and inject whatever we want into the target site.

Here's a quick and dirty demo injecting malware.com into windowsupdate.microsoft.com :)

http://www.malware.com/targutted.html

- using window.open most popup blockers will block it, disable for the demo or recode with just open() or something else which can defeat them
- this demo hinges on the site code frame name being in English for the demo url of windowsupdate.com
- you need to time the loading of the target site before injecting
- quick testing from google frame + bank, yields banking sites using frames where it too works

exact reason or code in asus.com not examined at this time.

Well done Mark. A recording setting lunker.

--
http://www.malware.com
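A defensive check that a framed site could run from its own top-level page, added here as an example and not part of the original post: it verifies that each named frame still holds same-origin content under the expected path, which is what stops being true once another window has navigated the frame by name. The frame names, origin and paths in `EXPECTED` are hypothetical, and the fake window objects are constructed so the check also runs outside a browser.

```javascript
// EXPECTED maps frame name -> allowed origin and path prefix (hypothetical values).
const EXPECTED = {
  nav: { origin: "https://bank.example", pathPrefix: "/menu" },
  main: { origin: "https://bank.example", pathPrefix: "/app/" },
};

// Returns a list of findings; an empty list means every expected frame
// still shows same-origin content under its expected path.
function auditFrames(win, expected) {
  const findings = [];
  for (const [name, rule] of Object.entries(expected)) {
    const frame = win.frames[name];
    if (!frame) {
      findings.push({ name, problem: "missing" });
      continue;
    }
    let href;
    try {
      // Reading location.href of a cross-origin frame throws, which is
      // itself the signal that the frame was navigated somewhere else.
      href = frame.location.href;
    } catch (err) {
      findings.push({ name, problem: "cross-origin" });
      continue;
    }
    let url;
    try {
      url = new URL(href);
    } catch (err) {
      findings.push({ name, problem: "unparseable", href });
      continue;
    }
    if (url.origin !== rule.origin) {
      findings.push({ name, problem: "wrong-origin", href });
    } else if (!url.pathname.startsWith(rule.pathPrefix)) {
      findings.push({ name, problem: "unexpected-path", href });
    }
  }
  return findings;
}

// Constructed stand-ins for window/frame objects (not real browser objects).
function fakeFrame(href) { return { location: { href } }; }
function hijackedFrame() {
  return { location: { get href() { throw new Error("SecurityError"); } } };
}
```

In a page this would be called as `auditFrames(window, EXPECTED)` on a timer or before sensitive actions, with any finding treated as a reason to reload the frameset or stop trusting the frame's content.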