Re: [Full-disclosure] Drive-by Pharming Threat

[Gaurang Pandya <gaubrig@xxxxxxxxx>]

just wondering why cant simple perl script be used
instead??

Gaurang.
--- Martin Johns <martin.johns@xxxxxxxxx> wrote:

> On 2/19/07, auto400208@xxxxxxxxxxxx <
> auto400208@xxxxxxxxxxxx> wrote:
> > I am curious as to how one "automatically" logs
> on?
> 
> There are several potential methods (depending on
> the victim's browser):
> 1) Older versions of Flash allow the spoofing of
> arbitrary http
> headers [1] thus allowing the creation of attacker
> controlled
> Authorization-headers.
> 2) Firefox does not display http-authentication
> warnings if the http
> request was generated by the browser's link-prefetch
> mechanism [2].
> 3) An anti-DNS-pinning attack [3] can be executed to
> break the
> same-origin policy. Then the low-level socket
> functions of either
> Flash (all browsers) [4] or Java (Firefox and Opera)
> [5] could be
> employed to create arbitrary http requests.
> 
> [1]
>
http://www.securityfocus.com/archive/1/441014/30/0/threaded
> [2]
>
http://blog.php-security.org/archives/56-Bruteforcing-HTTP-Auth-in-Firefox-with-JavaScript.html
> [3] http://shampoo.antville.org/stories/1451301/
> [4] http://www.jumperz.net/index.php?i=2&a=1&b=8
> [5] http://shampoo.antville.org/stories/1566124/
> 
> -- 
> Martin Johns
> http://shampoo.antville.org
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
>
http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia -
> http://secunia.com/
> 



 
____________________________________________________________________________________
Bored stiff? Loosen up... 
Download and play hundreds of games for free on Yahoo! Games.
http://games.yahoo.com/games/front

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/