[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <46D3A4DA.3050406@bellsouth.net>
Date: Tue, 28 Aug 2007 00:30:18 -0400
From: scott <redhowlingwolves@...lsouth.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: UTF reverse-writing WYSINWG "feature"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I remember a guy that set up a firewall box for his wireless AP that
flipped every page that an unauthorized user accessing his AP would
get.Really great stuff!
His neighbor was stealing his internet connection and he wanted to
screw with him.
I know, a secure connection and so on, and so forth...
Just thought this was a good time to tell this story.
Regards,
Redhowlingwolves
Tonu Samuel wrote:
> Hi!
>
> Reading today http://www.digg.com/offbeat_news/WTF_is_this_Character
> rang bells in my head. There is a nice utf character which just confuses
> software and all display goes instead left-to-right into right-to-left.
> It is difficult to exaplain but go and read original.
>
> But by concerns are related to security. For example even looking title
> of this digg.com page with Firefox or Konqueror and you see that browser
> name is reversed! I looked into source code with Firefox and lot of
> things are reversed too!
>
> I was thinking about possible (ab)uses of this "feature". Let say, I
> want to write some rude words into some portal but they regexp it out.
> Now I have way to do it.
>
> http://www.epl.ee/?artikkel=317582&kommentaarid=0 is random example.
> "sitt" is bit rude word and they do not allow to use it inside
> comments.
>
> Another example is Delfi. This is locally huge portal and they colour
> word "delfi" in comments into their trademark colours:
>
> http://www.delfi.ee/archive/article.php?id=16722806&ndate=1187643600&categoryID=120&com=1&s=1&no=180
>
> Why it is in this list? I think this is serious security issue when you
> have to audit source code of bank and you read
>
> if ( sum == 123 )
>
> but actually machine understands it as
>
> if ( sum == 321 )
>
> I am sure people in this list can come up with more ideas. Just wanted
> to warn about such "feature".
>
> Tõnu
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG06TZsrt057ENXO4RApZSAJ9mGM9BAxj9AAwMGz4ohEDSILb6PgCfTYDL
45DaSwL+MshKsgomB4G3hE4=
=pvDL
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists