Re: Internet Explorer drag&drop 0day

[Markus <full-disclosure () sandman za net>]

Hi Thierry Zoller,

I have a couple of problems/questions reguarding your web-site:
On the Secure-It details page [ http://www.sniff-em.com/secureit.shtml ]
under the heading  "Do you have a demonstration ?", both links to the
demo "exploit" are dead.
   [ http://www.freewebs.com/shreddersub7/htm.htm ]
   [ http://www.freewebs.com/shreddersub7/htm.htm%20 ]

My primary concern however is that the method chosen to open those links.
I assume in an attempt to hide the target url you meant to use the
* onclick * javascript event, or even the * onmousedown * or * onmouse * up,
but surely not the * onmouseover * !

You are aware that you current chosen method would have launched your
exploit on the machine of a prospective customer, without so much as a
clicks worth of their consent, had the links worked and by some small
miracle they had disabled pop-up blocking etc.

I do wish you the best of luck in your ventures.
Your products appear both useful and interesting.
Please give your web designer a whack on the side of the head though.

Regards
Markus

> Gadi Evron wrote:
> > Dear Gadi Evron,
> >
> > Just a note Users of Secure-it were already protected against this as
> > it blocks the shell.explorer interface since 2005:
> >
> > http://www.sniff-em.com  [Freeware]
>
> Cool. Thanks. That's the most polite and non-evasive commercial plug-in 
> I've seen in a while! :)
>
> I mean that!
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/