-
January 16th, 2004, 01:02 PM
#1
Exploit on Micro$oft Explorer
I've read about some exploits on another site and just wanted to share this one: read exploits here. This will give a fake URL to the user!!! You can get some private information if they put in their PIN or credit card no... so what can you say about Micro$oft...
-
January 16th, 2004, 01:14 PM
#2
I found this exploit on another BBS forum, and a local friend of the administrator there, redice, posted this one. I've tried changing the script and putting it online, and the exploit does work. The exploit goes like this: the user can see that the URL address is the one that he/she wanted to visit, but what they don't see is that the real URL address is hidden in the script, and if they type some information and press Enter, the information will be directed to the attackers, and the user will be directed to the real site. This is just my explanation, based on what I've read.
-
January 16th, 2004, 01:32 PM
#3
Yup, came out just before Christmas last year.
I saw it detected on the 24/12/2003.
AV scanners do pick this up if you receive a malformed HTML email using OE.
McAfee's description: http://us.mcafee.com/virusInfo/defau...virus_k=100927
If you want to run IE/OE it just shows the importance of having an AV scanner active at all times.
I had expected Microsoft to patch this, but I presume they were unable to do so.
-
January 16th, 2004, 01:46 PM
#4
url exploit
Ow, you mean this exploit
<edit type="addition">
Basically it comes down to this:
it sends username www.microsoft.com[alt255]%00 to the server of www.antionline.com
</edit>
There have been multiple posts about it...
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
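
What the post above describes (a user name that reads like www.microsoft.com, sent to the server www.antionline.com) can be checked for mechanically. The following is an added example, not part of the original thread: it parses a link and flags userinfo (the text before "@") that contains non-printable characters or looks like a different host name. The function names, finding labels and the sample user name are assumptions made for the illustration.

```javascript
// Decode %XX escapes byte by byte; decodeURIComponent would throw on
// sequences that are not valid UTF-8.
function percentDecode(s) {
  return s.replace(/%([0-9a-fA-F]{2})/g, (_, hex) =>
    String.fromCharCode(parseInt(hex, 16)));
}

const HOSTLIKE = /^[a-z0-9-]+(\.[a-z0-9-]+)+$/i;

// Hypothetical helper: report why a link's userinfo may mislead a reader.
function inspectLink(href) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return { host: null, userinfo: null, findings: ["unparseable"] };
  }
  const findings = [];
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { host: url.hostname, userinfo: null, findings };
  }
  const raw = url.password ? `${url.username}:${url.password}` : url.username;
  if (raw === "") return { host: url.hostname, userinfo: null, findings };

  findings.push("userinfo-present");
  const decoded = percentDecode(raw);
  // Anything outside printable ASCII (NUL, 0x01, non-breaking space, ...).
  if (/[^\x21-\x7e]/.test(decoded)) findings.push("nonprintable-in-userinfo");
  // Compare the visible part of the user name with the real destination host.
  const visible = decoded.replace(/[^\x21-\x7e]/g, "").split(":")[0];
  if (HOSTLIKE.test(visible) && visible.toLowerCase() !== url.hostname) {
    findings.push("userinfo-looks-like-host");
  }
  return { host: url.hostname, userinfo: raw, findings };
}

// Constructed samples; the first is the URL quoted in this thread.
const samples = [
  "http://www.microsoft.com%00@www.antionline.com",
  "http://www.microsoft.com%01@www.antionline.com/",
  "http://alice@www.antionline.com/",
  "http://www.antionline.com/",
];
for (const s of samples) console.log(s, "->", JSON.stringify(inspectLink(s)));
```

A mail filter or link checker could treat any http(s) link with the last two findings as suspicious, since the host the request actually goes to is the one reported in `host`.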
-
January 16th, 2004, 03:27 PM
#5
Member
Everyone seems to keep making the mistake that this is an IE exploit, even security article writers. It's not only an MS issue; the above syntax works on other browsers, including some versions of Mozilla.
find /home/$newbie -name *? | www.google.com 2>/dev/null
-
January 16th, 2004, 03:45 PM
#6
Uhm.. no..
I've not seen it work on Opera, Mozilla, Konqueror etc..
Only IE!!
The only possible Mozilla version I could imagine this working on would have to be one of the first test versions (using standard MFC crap).
This exploit was found before Christmas and there is still no fix!!
-
January 16th, 2004, 04:04 PM
#7
It doesn't really work on Mozilla. On Mozilla it will take you to the false page, but when you hover over the link, it shows an extra symbol at the end of the address, and using your example above,
will come out on the address bar.
ac
-
January 22nd, 2004, 02:04 AM
#8
Junior Member
Interesting exploit, but for some reason when I type [Alt+255] on my PC, I get an _ (underscore).. why would that be??
-
January 22nd, 2004, 01:10 PM
#9
Junior Member
It all depends on your charset: if you don't specify ISO-XXXX in the HTML code, your browser uses the default.
-
January 22nd, 2004, 02:28 PM
#10
gothic_type, yup!! What you just quoted is right:
"http://www.microsoft.com%00@www.antionline.com", using the unreadable character (%01), then @, then the website. They used that exploit to trick me. I guess Microsoft knows this, but I haven't heard whether they have released a patch to fix it.