Full Disclosure mailing list archives
Safari Address Spoofing (How We Got It)
From: David Leo <david.leo () deusen co uk>
Date: Fri, 29 May 2015 13:47:54 +0800
Proof of concept: http://www.deusen.co.uk/items/iwhere.9500182225526788/ It works on fully patched versions of iOS and OS X. How it works: Just keep trying to load the web page of target domain. How We Got It: Safari changes address bar to new URL, BEFORE new content is loaded. BestSec http://www.deusen.co.uk/items/bestsec/ We like it. We read it. Kind Regards, _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Safari Address Spoofing (How We Got It) David Leo (May 31)
- Re: Safari Address Spoofing (How We Got It) Michal Zalewski (May 31)