Bugtraq mailing list archives
Re: seamless bait-and-switch
From: Charles Morris <cmorris () cs odu edu>
Date: Fri, 9 Dec 2011 10:37:51 -0500
I agree that it's very unlikely that we would not catch it. I know that change made my eyes jump immediately.

However, it's very likely that, given enough targets... I am 100% confident that many of them will fall for it. Keep in mind that this group is the group that responds to emails like the following:

"From: coolguy131 () vacationhomes xyz You are akcount is ABOUT TO BE UPDATED respond with you'r SOCIAL SECURITY AND LICENSE SCAN. Error code 51535351535153515.5f."

Also as this is a user attention issue, targeting pages that are heavily animated or otherwise distracting may help in the exploit.

On Thu, Dec 8, 2011 at 5:09 PM, Michal Zalewski <lcamtuf () coredump cx> wrote:
> > And you don't believe that people would think that's suspicious?
>
> What part? The change of a URL that is not associated with the repainting of window contents? I believe that they are very unlikely to catch this after initially examining the URL, in absence of other indicators (change in URL length, page repainting, throbber activity).
>
> /mz