Full Disclosure mailing list archives
SUPER SPOOF DELUXE Re: Microsoft and Security
From: "http-equiv () excite com" <1 () malware com>
Date: Tue, 29 Jun 2004 14:23:16 -0000
On the subject of IE bugs, I am running SP2 RC2, IE6.0.2900.2149. Today I opened a window http://www.asus.com/products/server/srv-mb/ncch-dl/overview.htm

In another IE window I had www.ingrammicro.com/uk open.

When I click on the picture of the motherboard in the first page to enlarge it, it changes the ingrammicro page to have the picture of the motherboard in it but still displays the ingrammicro page title in the browser bar, and the top "frame" of the ingrammicro page....

Weird one, I don't know if it is restricted to this build of IE though.

HTH
Mark

This is unbelievable. Super Spoof DeLuxe !

Simply knowing the frame name of the target site we can modify the asus.com crazy code and inject whatever we want into the target site.

Here's a quick and dirty demo injecting malware.com into windowsupdate.microsoft.com :)

http://www.malware.com/targutted.html

- using window.open most popup blockers will block it, disable for the demo or recode with just open() or something else which can defeat them
- this demo hinges on the site code frame name being in English for the demo url of windowsupdate.com
- you need to time the loading of the target site before injecting
- quick testing from google frame + bank, yields banking sites using frames where it too works

exact reason or code in asus.com not examined at this time.

Well done Mark. A recording setting lunker.

--
http://www.malware.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html