Bugtraq mailing list archives
Re: MS IE Password inputs
From: "Cody Smith" <smithcc () uclink4 berkeley edu>
Date: Wed, 21 Nov 2001 02:34:02 -0800
Worse than this is a gaping hole in Windows versions of Opera 5 and 6. I haven't tested earlier versions, but they could easily be vulnerable. In Opera, password boxes can be read externally, by other processes. ShoWin (~ 23 kb) is one such app which will divulge the contents of most password boxes in Windows. In IE and Netscape, ShoWin selects the entire document being viewed, rather than any individual elements, so it can't read passwords. However, in Opera, ShoWin will report the contents of individual form elements, including password boxes. Simply position the crosshairs over the password field and ShoWin displays the password in the 'Title' box.

Also, Opera will remember the status of form elements, including passwords, when moving back and forward, so passwords are highly vulnerable throughout the life of the document window. I was able to log into Hotmail with the 'Public/shared computer' option, check mail, send mail, logout, and then go all the way back and read my own password.

Cody Smith

----- Original Message -----
From: "Mattie Casper" <mattie () mattie net>
To: "Jon Embury" <jon.embury () f1solutions com au>; <bugtraq () securityfocus com>
Sent: Tuesday, November 20, 2001 10:25 PM
Subject: Re: MS IE Password inputs
Very interesting find, and I can confirm the same thing happens in IE6. I can reproduce it by placing the cursor at the beginning of a password typed-in like "1234 56789 0ABCDE FGHIJK" and then use CTRL+RIGHTARROW to move through the asterisks just as if the spaces were there. (CTRL+RIGHTARROW in some applications like IE will move you to the next 'word' in a textbox.)

This can come in handy when I typo part of a password and don't want to retype it all, but this does have some slight security implications.

-Mattie!

Mattie Casper
http://me.mattie.net

----- Original Message -----
From: "Jon Embury" <jon.embury () f1solutions com au>
To: <bugtraq () securityfocus com>
Sent: Tuesday, November 20, 2001 3:28 PM
Subject: MS IE Password inputs

Just something I've noticed on IE 4 & 5.5

If you enter a password that contains a mix of non-alphabetic and alphabetic characters to an MS IE password input and then use the keyboard to select it while holding down tab the cursor / selected region jumps between the non-alphabetic characters in exactly the same manner as it does when you apply the same technique in word, Interdev, vb etc.

It doesn't reveal the password, but it would seem to reveal at least some of the structure.

Eg 1 2 3 4 5

Jon Embury
Developer, F1 Solutions
www.f1solutions.com.au