[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] file upload widgets in IE and Firefox have issues

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] file upload widgets in IE and Firefox have issues
From: "Brian Eaton" <eaton.lists@xxxxxxxxx>
Date: Wed, 7 Jun 2006 12:17:44 -0400

On 6/7/06, Michel Lemay <mlemay@xxxxxxxxx> wrote:

Would it be possible to use a similar technique to generate an URL with
query parameters containing user keystrokes?  This URL could then be
submitted to any compromised website.  The attacker could then look into
logs and have a peek at theses submitted requests.


Yes, people have prototyped javascript key loggers.

http://www.whitehatsec.com/presentations/phishing_superbait.pdf

The whole presentation is pretty good, but the specific example
relevant to your question starts around page 28.  I don't know of any
attacks like this seen in the wild so far.  The presentation suggests
that once two-factor auth becomes common this is where attackers will
go next.  That makes sense to me.

- Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] file upload widgets in IE and Firefox have issues
  - From: Michel Lemay

Prev by Date: Re: [Full-disclosure] n3td3v agenda revealed
Next by Date: Re: [Full-disclosure] Strange Emails -- What are they?
Previous by thread: [Full-disclosure] file upload widgets in IE and Firefox have issues
Next by thread: [Full-disclosure] file upload widgets in IE and Firefox have issues
Index(es):
- Date
- Thread