lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200407012152.i61LqHnE014546@web170.megawebservers.com>
From: 1 at malware.com (http-equiv@...ite.com)
Subject: SUPER SPOOF  DELUXE Re: Microsoft and Security


That's very sweet of you my dear. Instead of guessing like you 
normally do you, you're now thinking.

You're now replicating the exact same demos that are currently 
on the table. Not like the pretended before. But you're a bit 
late to the party. Because this has to be specially crafted and 
is only functional under a set of circumstances. That my boy is 
what security is about.

I am in the process of engaging a 'real' security expert, the 
original finder from 6 years ago, to explain it, since despite 
self-proclamations about our expertise, we all know nothing.

Some of us aren't shy about that, others...well...you know.


Thor Larholm <thor@...x.com> said:

> Both you and I know perfectly well that Windows Update serves a
> different page for non-IE browsers, and that that page does 
not contain
> any frames. You should focus on the facts instead of letting 
your hatred
> for Microsoft overwhelm you.
> 
> Since you have trouble reproducing a very simple example I 
have instead
> put this example online:
> 
> http://www.jscript.dk/2004/7/subframe/
> 
> Open the page. Click the first button called "Open window". 
Click the
> second button called "Load page". See that the page from 
geocities.com
> is now loaded inside the subframe on jscript.dk.
> 
> As you can see, this is perfectly reproduceable in both IE, 
Mozilla,
> Firefox and Opera. This is of course provided that they allow 
popups in
> the first place, but as I mentioned in my previous posts you 
can
> acomplish the same with inline frames instead of a new browser 
window. 
> 
> To make doubly sure, I even downloaded fresh copies of Firefox 
0.9.1
> (worked fine in 'Safe Mode' as well) and Opera 7.51.
> 
> 
> 
> Regards
> 
> Thor Larholm
> Senior Security Researcher
> PivX Solutions
> 23 Corporate Plaza #280
> Newport Beach, CA 92660
> http://www.pivx.com
> thor@...x.com
> Stock symbol: (PIVX.OB)
> Phone: +1 (949) 231-8496
> PGP: 0x5A276569
> 6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569
> 
> PivX defines a new genre in Desktop Security: Proactive Threat
> Mitigation. 
> <http://www.pivx.com/qwikfix>
> -----Original Message-----
> From: http-equiv@...ite.com [mailto:1@...ware.com] 
> Sent: Thursday, July 01, 2004 1:09 PM
> To: Thor Larholm; 1@...ware.com; bugtraq@...urityfocus.com
> Cc: NTBugtraq@...tserv.ntbugtraq.com
> Subject: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure] 
Microsoft and
> Security
> 
> 
> 
> Yes of course.
> Two tiny problems though:
> 
> 1. your little scriplet doesn't work for me. I get:
> 
> 'W.frames.2.location' is null or not an object
> 
> 2. If as you claim this is "standard practice" then there is 
something
> wrong with these browsers as it apparently does not work on 
them:
> 
> The following browsers are not affected:
> * Mozilla Firefox 0.9 for Windows
> * Mozilla Firefox 0.9.1 for Windows
> * Mozilla 1.7 for Windows
> * Mozilla 1.7 for Linux
> 
> http://secunia.com/advisories/11978/
> 
> Perhaps someone who really knows will enlighten us all.
> 
> 



-- 
http://www.malware.com





Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ