Bugtraq mailing list archives

Re: Drive-by Pharming Threat

From: Jeremy Saintot <jeremy.saintot () free fr>
Date: Tue, 20 Feb 2007 12:11:01 +0100

auto400208 () hushmail com wrote:

I am curious as to how one "automatically" logs on?

1. Internet Explorer disallows username:pass@http://192.168.1.0
2. Opera has a very clear warning that you are logging on
3. Firefox has a very clear warning that you are logging on

Are there any other methods to log on without any warning? If so
does it work with Internet Explorer?  Also when you do reset or
change parameters in the router, does it not require a reboot of
the router (auto after you hit save), whereby your connection is
lost for x amount of time?

I did not test that, but I think some routers use HTML forms to log in tothe admin panel. In this case, you should be able to use CSRF with AJAX xhrobjects, or simple Javascript to auto-submit the form. Once the browser islogged in, it could use the same process and submit forms to changeconfiguration settings such as DNS servers (for this attack) and more.


Regards,

Jeremy Saintot

Current thread:

Drive-by Pharming Threat Zulfikar Ramzan (Feb 15)
- Re: Drive-by Pharming Threat Mark Senior (Feb 16)
  - Re: Drive-by Pharming Threat Dennis (Feb 16)
- <Possible follow-ups>
- RE:Drive-by Pharming Threat psirt (Feb 16)
- RE: Drive-by Pharming Threat Memisyazici, Aras (Feb 17)
  - Re: Drive-by Pharming Threat Marcello Barnaba (Feb 17)
    - Re: Drive-by Pharming Threat Cedric Blancher (Feb 17)
- Re: Drive-by Pharming Threat auto400208 (Feb 20)
  - Re: [Full-disclosure] Drive-by Pharming Threat Martin Johns (Feb 20)
  - Re: [Full-disclosure] Drive-by Pharming Threat Andrew Farmer (Feb 20)
  - Re: Drive-by Pharming Threat Jeremy Saintot (Feb 20)
- Re: Drive-by Pharming Threat hlockhar (Feb 22)