Results 1 to 6 of 6

Thread: New Pop-up Hijack affecting all browsers

  1. #1

    New Pop-up Hijack affecting all browsers

    a new pop-up hijack proof of concept popped up on secunia today (http://secunia.com/) and all the popular browsers are listed as being vulnerable. looks like someone can inject a frame into a target window if the window's name is known. as usual don't be an idiot playing with your money or doing anything important online

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Helps to have the direct link to the vulnerability since Secunia lists many:


    Interestingly enough, I tried it on my Mozilla and couldn't get either version to work. They say they have tested it on Mozilla 1.7.3 (which is what I have) but their sample tests didn't do anything. Anyone else get results?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    I'm using a recent Nightly Build of the Mozilla Suite (Mozilla 1.8a6 "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a6) Gecko/20041206") and the test works for me. that is: my browser is vulnerable.

    I opened the "With Pop-up Blocker" link at this page and followed the instructions on that page (clicked on the button that's mentioned in step 1).

    I got a popup with this message:
    The pop-up window you requested to open via the CitiBank web site is now controlled by Secunia.com.
    EDIT: There seems to be a bug (?) in AntiOnline: the url gets a
    after a number of characters. Remove it from the URL, otherwise you'll get forwarded to a 404-page. The last part of the URL should be: vulnerability_test/
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Hey Hey,

    I've played with it on IE 6.0.2900.2180.xpsp_sp2_rtm_040803-2158 and it's also vulnerable to it...

    However I can definately confirm that lynx and links aren't vulnerable ... I guess the real browsers never really break.... Yet another reason why fancy GUIs and multiple windows are useless :P


    Here's what I'm wondering... can we really call it a vulnerability? It's a serious of commands functioning exactly how they're supposed to.. It's really more of problem of someone having the time to think of this.... It's actually a series of legit commands... are we going to redefine standards and protocols so that target doesn't exist anymore?? I'm not sure I blame the browser vendors on this one.... The only real fix is to have each new browser window keep track of it's parent window and only allow actions to be passed to it from _parent and _self... Browsers are already big enough memory hogs.. I think this would only make that issue worse..

    Peace,
    HT

  5. #5
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    Secunia was able to take over a link on the website of a bank. If you don't want to call it a bug, call it at least a security defect
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  6. #6
    I got this information from another source today and tested on my XP SP2/IE 6.0.2900. I have Google toolbar installed, but the IE popup blocker worked, even though it is claimed to bypass it.

    Not sure about Secunia's claims. They have been pretty sound in the past.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •