Re: Drive-by Pharming Threat

[Gaurang Pandya <gaubrig () yahoo com>]

just wondering why cant simple perl script be used
instead??

Gaurang.
--- Martin Johns <martin.johns () gmail com> wrote:

> On 2/19/07, auto400208 () hushmail com <
> auto400208 () hushmail com> wrote:
> > I am curious as to how one "automatically" logs
> on?
>
> There are several potential methods (depending on
> the victim's browser):
> 1) Older versions of Flash allow the spoofing of
> arbitrary http
> headers [1] thus allowing the creation of attacker
> controlled
> Authorization-headers.
> 2) Firefox does not display http-authentication
> warnings if the http
> request was generated by the browser's link-prefetch
> mechanism [2].
> 3) An anti-DNS-pinning attack [3] can be executed to
> break the
> same-origin policy. Then the low-level socket
> functions of either
> Flash (all browsers) [4] or Java (Firefox and Opera)
> [5] could be
> employed to create arbitrary http requests.
>
> [1]
http://www.securityfocus.com/archive/1/441014/30/0/threaded
> [2]
http://blog.php-security.org/archives/56-Bruteforcing-HTTP-Auth-in-Firefox-with-JavaScript.html
> [3] http://shampoo.antville.org/stories/1451301/
> [4] http://www.jumperz.net/index.php?i=2&a=1&b=8
> [5] http://shampoo.antville.org/stories/1566124/
>
> -- 
> Martin Johns
> http://shampoo.antville.org
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia -
> http://secunia.com/



 
____________________________________________________________________________________
Bored stiff? Loosen up... 
Download and play hundreds of games for free on Yahoo! Games.
http://games.yahoo.com/games/front

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/