Bugtraq mailing list archives

Re: Re: Bypass phishing protection in Firefox / Opera

From: zonafirefox () gmail com
Date: 29 Mar 2007 23:36:01 -0000

yes, this what you comment is another different failure and i've commented it in the following article:

http://www.zonafirefox.net/2007/02/nueva-falla-en-el-filtro-anti-phishing.html

By the way, i think this new way to bypass the phishing protection is some dangerous. 

Demostrations again (look at the code):

http://zonafirefox.googlepages.com/prueba2.html
http://zonafirefox.googlepages.com/prueba.html

Firefox 2.0.0.3, Opera 9.10 and Opera 9.2b fails. IE7 has no problems.

A single IFRAME / OBJECT can bypass phishing protection.

More info: 

http://www.zonafirefox.net/2007/03/salteando-el-filtro-antiphishing-con-un.html
http://www.zonafirefox.net/2007/03/salteando-el-filtro-antiphishing-con.html

Current thread:

Bypass phishing protection in Firefox / Opera zonafirefox (Mar 28)
- <Possible follow-ups>
- Re: Bypass phishing protection in Firefox / Opera Anonymous (Mar 29)
- Re: Re: Bypass phishing protection in Firefox / Opera bob (Mar 29)
- Re: Re: Bypass phishing protection in Firefox / Opera zonafirefox (Mar 29)
- Re: Bypass phishing protection in Firefox / Opera Łukasz Pilorz (Mar 30)