[zz]Phishing Using FasterFox Prefetching

0 views
Skip to first unread message

大风

unread,
Jan 3, 2008, 8:46:13 PM1/3/08
to ph4...@googlegroups.com

 

原来浏览器还有prefetching这特性,值得研究一下

 

http://ha.ckers.org/blog/20080103/phishing-using-fasterfox-prefetching/

 

 

I actually had to read this email several times before I got it - paranoia taking over - I thought I was being told my site was hacked. No no, just another interesting way to abuse people that people find when visiting my site. This time, this email comes from Alex who found that pre-fetching can be used to phish users in certain circumstances.

When I’m visiting http://ha.ckers.org/blog/20070608/cross-domain-basic-auth-phishing-tactics/

my Firefox showed up the HTTP-Auth dialog immediately, which I placed on my subdomain testing.bitsploit.de But why I asked myself.

I looked into your HTML source to find a hidden image or something like this, but I didn’t found anything but the link. I haven’t clicked on the link, so why does it pop up ? Than I figured out, that the FasterFox-Extension for Firefox prefetches that link and that’s why the HTTP-Auth dialog pops up.

So there’s another chance to trick FasterFox-users (in forums) without having to use HTML/BBcode for embedding images.

Alex is absolutely right. In fact, this is the exact reason I never used to use Opera (it turns out this is not the same kind of prefetching that Opera does, I only just learned). Sure you can turn it off, but pre-fetching has always been a dangerous thing to me. It can speed things up because it pre-fetches and caches the results, but if it pre-fetches and triggers something, like auto-deletion of your account, or automatically adds something to a shopping cart or anything else, you run into some pretty serious problems. Think CSRF. So yes, this apparently can also be used for phishing in FasterFox. But either way, it’s a very cool example of why pre-fetching can be nasty.

 

 

[Ph4nt0m]

[Ph4nt0m Security Team]

                  @ph4nt0m

          Email:  ax...@ph4nt0m.org

          PingMe:

          === V3ry G00d, V3ry Str0ng ===

          === Ultim4te H4cking ===

          === XPLOITZ ! ===

          === #_# ===

#If you brave,there is nothing you cannot achieve.#

 

 

image001.gif

jANxIN

unread,
Jan 3, 2008, 11:51:39 PM1/3/08
to ph4...@googlegroups.com
刺说的不对吧,我记得应该是那个插件的...默认的firefox应该不存在这个问题

在08-1-4,大风 <opens...@gmail.com> 写道:

大风

unread,
Jan 4, 2008, 12:22:54 AM1/4/08
to ph4...@googlegroups.com

 

FasterFox-Extension

 

是的,应该是这个ff的扩展

 

[Ph4nt0m]

[Ph4nt0m Security Team]

                  @ph4nt0m

          Email:  ax...@ph4nt0m.org

          PingMe:

          === V3ry G00d, V3ry Str0ng ===

          === Ultim4te H4cking ===

          === XPLOITZ ! ===

          === #_# ===

#If you brave,there is nothing you cannot achieve.#

 

发件人: ph4nt0m@googlegroups.com [mailto:ph4nt0m@googlegroups.com] 代表 jANxIN
发送时间: 2008年1月4 12:52
收件人: ph4nt0m@googlegroups.com
主题: [Ph4nt0m] Re: [zz]Phishing Using FasterFox Prefetching

Reply all
Reply to author
Forward
0 new messages