Full Disclosure mailing list archives
Re: Dark side of bookmarks
From: "MustLive" <mustlive () websecurity com ua>
Date: Thu, 5 Nov 2009 23:54:11 +0200
Hello Aras!
As S/U/N correctly noted (http://lists.grok.org.uk/pipermail/full-disclosure/2009-November/071323.html), I wrote enough PoCs (for different browsers) at my site (http://websecurity.com.ua/2454/), and this page can be read via Google Translate. But Aras and S/U/N, even without reading that page with Google Translate, just following the link (in my article) to that page and viewing the PoC (exploit) code will be enough to see how such attacks work.
> Your "article", unless I misunderstood, is useless.
Thanks for the criticism. Even lame criticism is still criticism :-). It's lame, because some of your questions were already answered in my article. You just did not read it so attentively.
> To explain further, your article lacks substance. For instance you state: "could be used in DoS attack for browsers" yet you provide no working PoC/example(s)
In my article, right in the words "DoS attacks on browsers", there is a link to my post (http://websecurity.com.ua/2454/) about DoS vulnerabilities in Firefox, Internet Explorer and Opera with PoCs (exploits) for all these browsers, which I posted 19.09.2008. So everyone has been able to read this post and see these exploits during this time as many times as he needs. This post with these vulnerabilities in different browsers was a part of my last year's project Day of bugs in browsers (http://websecurity.com.ua/2453/). And as I mentioned above (as also mentioned by S/U/N) this post can be translated to English via Google Translate.
> What about mitigation? What about prevention?
I wrote some mitigation suggestions in the Conclusions of the article. More advanced mitigation and prevention methods must be provided by browser vendors, if they consider this threat as real. I wrote this article without much technical detail and without PoCs (because PoCs were posted at another page of my site, which I linked to), because I planned to do so back in summer 2008, when I decided to write such an article. It's in "introduction to security problem" style (but a detailed introduction), where I'm introducing this threat to people (to the whole Internet). I have never seen any articles or works on this subject before, so to me it looks like a new threat (unknown to the masses). And I didn't want to give working PoCs or exploits to bad guys (so the article is more informational). If they are interested in this subject, they need to work by themselves to create working exploits ;-).
On the other hand, there are my exploits for DoS attacks on browsers via bookmarks, and for all 5 attack methods (social engineering, hacking of sites and changing of code in links, two variants of using viruses, using attacks with an active (looped) proposition to add to bookmarks) I wrote enough descriptions. For the variants using viruses I will not be releasing any working code, and for the other attack methods the descriptions are sufficient. By the phrase "in modern browsers" in the fifth attack method I implied that the JS code which is used to add bookmarks in modern browsers, which can be used particularly for the above-mentioned DoS attacks, can be used in this attack method. To make this clearer, I just added the link to the above-mentioned article here.
> No offense but scare-tactics don't help ANYBODY...
As I said, this article is designed to draw the attention of people (the whole Internet) to the problem. There is a proverb (in Ukraine and in Russia) - if warned, then armed.
> As a sysadmin, I would've appreciated some more details or at least some answers to my questions above! :)
I'll always answer your questions. If after these answers you have any other questions, feel free to ask. Soon I'll release a new article about a threat similar to attacks via bookmarks. It's also concerned with browsers (these two articles and the threats themselves have similarities). And the new article will be written in a similar "introduction to security problem" style.
> look forward to your continued, hopefully improved research results!
I'm always working to improve my research results. Soon I'll release a new article, as I said above. And meanwhile you can read my other research and articles. Like the two before-mentioned articles about redirectors and Cross-Site Scripting attacks via redirectors (http://websecurity.com.ua/3386/) and other articles at my site (http://websecurity.com.ua/category/articles/), some of which are translated to English.
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

----- Original Message -----
From: "Memisyazici, Aras" <arasm () vt edu>
To: <full-disclosure () lists grok org uk>
Cc: "MustLive" <mustlive () websecurity com ua>
Sent: Monday, November 02, 2009 3:51 PM
Subject: RE: [Full-disclosure] Dark side of bookmarks

MustLive:
I really don't want to start a flame-war nor am I trying to belittle you or your work but...
Your "article", unless I misunderstood, is useless.
To explain further, your article lacks substance. For instance you state: "could be used in DoS attack for browsers" yet you provide no working PoC/example(s)
What about mitigation? What about prevention?
No offense but scare-tactics don't help ANYBODY...
As a sysadmin, I would've appreciated some more details or at least some answers to my questions above! :)
In any case, thank you for putting together such an entry and look forward to your continued, hopefully improved research results!
Sincerely,
Aras 'Russ' Memisyazici
Systems Administrator
Virginia Tech

----------------------------------------------------------------------
Date: Sat, 31 Oct 2009 23:24:50 +0200
From: "MustLive" <mustlive () websecurity com ua>
Subject: [Full-disclosure] Dark side of bookmarks
To: <full-disclosure () lists grok org uk>

Hello participants of Full-Disclosure!
After my articles about different attacks via redirectors - Redirectors: the phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed redirectors (http://websecurity.com.ua/3531/), here is my new article.
This time about attacks via bookmarks. In the article Dark side of bookmarks (http://websecurity.com.ua/3643/) I'll tell you about the risks of bookmarks in browsers.
The following attacks via bookmarks are possible:
1. Spam.
2. Phishing.
3. Malware spreading.
4. DoS attacks.
You can read the article Dark side of bookmarks at my site: http://websecurity.com.ua/3643/
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/