| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Feb 2007 12:11:01 +0100 From: Jeremy Saintot <jeremy.saintot@...e.fr> To: auto400208@...hmail.com Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Drive-by Pharming Threat auto400208@...hmail.com wrote: > I am curious as to how one "automatically" logs on? > > 1. Internet Explorer disallows username:pass@http://192.168.1.0 > 2. Opera has a very clear warning that you are logging on > 3. Firefox has a very clear warning that you are logging on > > Are there any other methods to log on without any warning? If so > does it work with Internet Explorer? Also when you do reset or > change parameters in the router, does it not require a reboot of > the router (auto after you hit save), whereby your connection is > lost for x amount of time? > I did not test that, but I think some routers use HTML forms to log in to the admin panel. In this case, you should be able to use CSRF with AJAX xhr objects, or simple Javascript to auto-submit the form. Once the browser is logged in, it could use the same process and submit forms to change configuration settings such as DNS servers (for this attack) and more. Regards, Jeremy Saintot _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists