Full Disclosure mailing list archives
Chrome and Safari users open to stealth HTML5 Application Cache attack
From: Lavakumar Kuppan <lava () andlabs org>
Date: Mon, 28 Jun 2010 03:58:16 +0530
Google Chrome and Safari support HTML5 Application Cache. But unlike Firefox and Opera they do not ask for user permission before allowing a site to create an Application Cache. On unsecured networks, attackers could stealthily create malicious Application Caches in the browser of victims for even HTTPS sites. It has always been possible to poison the browser cache and compromise the victim's account for HTTP based sites. With HTML5 Application Cache, it is possible to poison the cache of even HTTPS sites. Details - http://blog.andlabs.org/2010/06/chrome-and-safari-users-open-to-stealth.html I have also released a POC using which both Facebook and Gmail can be compromised. POC - http://www.andlabs.org/tools/imposter/imposter_poc.zip Video - http://www.youtube.com/watch?v=00sKMMyXJsI Cheers, Lava http://www.andlabs.org
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Chrome and Safari users open to stealth HTML5 Application Cache attack Lavakumar Kuppan (Jun 28)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Chris Evans (Jun 28)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Dan Kaminsky (Jun 28)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Chris Evans (Jun 28)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Dan Kaminsky (Jun 28)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Michal Zalewski (Jun 28)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Lavakumar Kuppan (Jun 29)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Dan Kaminsky (Jun 28)
- Re: Chrome and Safari users open to stealth HTML5 Application Cache attack Chris Evans (Jun 28)