Bugtraq mailing list archives
Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers)
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Sun, 11 Feb 2007 22:26:11 +0100 (CET)
On Sun, 11 Feb 2007, pdp (architect) wrote:
here is an idea... we can combine both techniques into a single attack... the hardest part of your hack is to force the user to type :// plus several other /
Actually, MSIE doesn't require drive specification in the filename, and will probably accept relative paths as well (so you might not need \ either when picking files from the desktop or 'my documents' or whatnot). Firefox won't settle for a path without drive specification (but it will accept SMB requests ;-). On *nix systems, of course, aiming /etc/passwd is easier than C:\whatever. The problem with intercepting address bar input is that you can't echo the entered text back there without unloading the current document and its scripts; in my examples, I tried to make sure that it's hard for the user to notice that his input is not going where it should (in MSIE example, this includes simulation of a blinking cursor). /mz
Current thread:
- Re: Firefox focus stealing vulnerability (possibly other browsers), (continued)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 13)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Andreas Beck (Feb 13)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 13)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
- Message not available
- Message not available
- Message not available
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Ben Bucksch (Feb 13)