Views: 2322  Replies: 3
Just saw this, not sure whether anyone has posted it yet -- Beware: URL spoofing vulnerability targets Firefox
Recently, Bitlance Winter discovered a new Firefox vulnerability. Bitlance had earlier disclosed a significant vulnerability in Internet Explorer and Outlook Express, in which the program's status bar displays a spoofed URL, and became well known for it. This time, however, the affected software is Firefox, Thunderbird and the Mozilla Suite, and every version of these programs is included.

Fortunately, bitlance has already found a way to deal with the status bar problem, though it applies only to Firefox, Thunderbird and the Mozilla Suite. What makes this trick different from the earlier one is that it uses a nested anchor tag (a typical anchor tag looks like <a href='someurl.htm'>some text to click on</a>), so that the status bar shows only the contents of the first tag while the user is actually redirected to the inner tag's destination. The spoofed link appears when the user right-clicks the link and chooses "Save Link As...". The habaneronetworks site already provides a demonstration of the vulnerability; click here to view it.
http://www.pconline.com.cn/pcedu/softnews/bingdu/0503/575163.html

Nested Anchor Tag Opens Flaw In Firefox and Others
Posted at 2005-03-15 10:20:00 GMT

bitlance winter has come up with yet another flaw in Firefox. bitlance has been given credit for a previous flaw discovery in Internet Explorer and Outlook Express. The previous hole centered around URI spoofing in the status bar of both applications. This recent discovery is for Firefox, Thunderbird and the Mozilla Suite, and there are no current versions that are not susceptible to the flaw.

In the IE and OE URI spoofing flaw, bitlance discovered that wrapping a URI in simple HTML elements could easily fool the status bar into displaying information that is inaccurate. The flaw did not work in Firefox or its relatives, and the correct URL was displayed in the status bar for these applications, ignoring the tricky code. However, bitlance has discovered another way to trick the status bar, but this time in Firefox, Thunderbird and the Mozilla Suite. The flaw uses similar tactics but instead utilizes a typical anchor tag (<a href='someurl.htm'>some text to click on</a>) wrapped around another anchor tag. The effect is that the status bar displays the first tag's contents while the user is actually redirected to the internal tag's destination. The flaw is only exploitable if the user right-clicks on the link and selects 'Save Link As...'. The following modified proof of concept shows the exploit in action.

download : http://www.habaneronetworks.com/images/hablogo.gif

By clicking on the link (in Firefox) you are just shown the Habanero Networks logo; however, if you right-click on the link and select save as, you are actually downloading Ebay's logo from their site. In Internet Explorer, the status bar displays the correct URI as http://pics.ebaystatic.com/aw/pics/navb ... LogoTM.gif.

Comments

Submitted by: BlackTiger at 2005-03-15 04:53:25
Isn't 100% true! Press and hold the mouse button over this "link" to see the real URL. This is a VERY OLD way to get the real destination of a link (from Netscape).

Submitted by: Jay at 2005-03-15 05:31:44
That is a great tip from BlackTiger! I never knew that one. Thanks!

Submitted by: Blair at 2005-03-15 07:25:02
Works as expected (showing ebay) in the status bar with the latest nightly build of Firefox.

http://habaneronetworks.com/viewArticle.php?ID=174
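The article above describes the trick as one anchor tag wrapped around another, with the outer href shown in the status bar and the inner one used for "Save Link As...". The following is an added example, not code from the thread or from the habaneronetworks article: a small Node.js scanner that flags an <a> start tag encountered while an earlier <a> is still open and reports both hrefs, the kind of check a mail or HTML content filter could run. It scans the raw markup rather than a parsed DOM because the HTML5 parsing algorithm closes an open a element when a new <a> start tag arrives, so the nesting is no longer visible in the tree of a current browser. The host names in the constructed sample are placeholders, not the URLs from the original proof of concept.

```javascript
// Added example for this thread (not code from the original post or the
// habaneronetworks article): flag an <a> start tag that appears while an
// earlier <a> is still open, and report the two hrefs side by side.
// It works on raw markup: HTML5-era parsers close the earlier anchor before
// opening the new one, so the nesting is gone from the DOM.

// Matches <a ...> and </a>; the \b keeps <abbr>, <area> etc. out.
const ANCHOR_TAG_RE = /<\s*(\/?)a\b([^>]*)>/gi;
// Pulls the href value out of an attribute string, any quoting style.
const HREF_RE = /href\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;

function extractHref(attrs) {
  const m = HREF_RE.exec(attrs);
  if (!m) return null;
  if (m[1] !== undefined) return m[1];
  if (m[2] !== undefined) return m[2];
  return m[3];
}

// Returns one finding per inner anchor opened inside a still-open outer anchor:
// { outerHref, innerHref, mismatch, offset } where offset is the index of the
// inner start tag in the input and mismatch is true when the two hrefs differ.
function findNestedAnchors(html) {
  const findings = [];
  const open = []; // stack of hrefs for anchors opened but not yet closed
  ANCHOR_TAG_RE.lastIndex = 0;
  let m;
  while ((m = ANCHOR_TAG_RE.exec(html)) !== null) {
    if (m[1] === '/') { // closing tag: pop the innermost open anchor
      open.pop();
      continue;
    }
    const href = extractHref(m[2]);
    if (open.length > 0) {
      const outerHref = open[open.length - 1];
      findings.push({ outerHref, innerHref: href, mismatch: outerHref !== href, offset: m.index });
    }
    open.push(href);
  }
  return findings;
}

// Constructed sample modelled on the proof of concept the article describes;
// the host names are placeholders, not the original URLs.
const SAMPLE_HTML =
  '<p>download : <a href="http://displayed.example/logo.gif">' +
  '<a href="http://actual.example/other.gif">http://displayed.example/logo.gif</a></a></p>';

// Well-formed markup with two sibling links for comparison: no finding expected.
const CLEAN_HTML =
  '<p>see <a href="http://displayed.example/logo.gif">logo</a> and <a href="http://a.example/">a</a></p>';

// Human-readable report lines, one per finding.
function report(html) {
  const lines = [];
  for (const f of findNestedAnchors(html)) {
    lines.push(`nested <a> at offset ${f.offset}: shown ${f.outerHref}, actual target ${f.innerHref}` +
      (f.mismatch ? ' [MISMATCH]' : ''));
  }
  return lines;
}

console.log(report(SAMPLE_HTML).join('\n') || 'no nested anchors');
console.log(report(CLEAN_HTML).join('\n') || 'no nested anchors');
```

Run it with node; the first line reports the mismatch for the constructed sample and the second reports none for the clean markup. A nested anchor whose inner href equals the outer one is still reported, with mismatch set to false, since nested anchors are invalid HTML either way.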
Reply #1
Posted: 2005-03-17 23:13
Reply #2
Posted: 2005-03-17 23:13
savagesong: By the way, one more question for everyone: the forum images on dpnet (迪派网) won't open for me and I don't know how to fix it. For example this one. Opening the image gives the message:

未找到地址错误
未知协议错误
连接失败错误
网络超时错误
重定向循环错误
未知套接字错误
网络重置错误
脱机错误
找不到 www.dpnet.com.cn%5cnewbbs%5c10image。请检查名称并重试。
地址(URL)格式非法且无法读取。典型的地址以"http://"开始,然后是地址(例如. www.netscape.com),然后接着内容的路径(或者只有"/")。通常,此问题是由于使用反斜杠(\)代替了斜杠(/)引起。
地址(URL)指定的文件无法找到。请检查确定文件存在而且您有足够的权限来查看它。
没有和该地址(URL)对应的站点,无法载入。这可能由于输入了错误的地址而引起。如果确信地址是正确的,或者很多站点都存在该问题,这很可能是您的代理服务(如果您使用了的话)或者文件夹名称查找造成。这中情况下,您应该参考或者请教系统文档,管理员或者因特网服务提供商(ISP)以获取更进一步的帮助。
Reply #3
Posted: 2005-03-17 23:13
> savagesong: By the way, one more question for everyone: the forum images on dpnet (迪派网) won't open for me and I don't know how to fix it. For example this one.

Thanks to the OP for the warning! I can see the address above and didn't find any problem with it.