mailing list archives
RE: RE: SUPER SPOOF DELUXE Re: Microsoft and Security
From: "http-equiv () excite com" <1 () malware com>
Date: Thu, 1 Jul 2004 21:52:17 -0000
That's very sweet of you my dear. Instead of guessing like you
normally do you, you're now thinking.
You're now replicating the exact same demos that are currently
on the table. Not like the pretended before. But you're a bit
late to the party. Because this has to be specially crafted and
is only functional under a set of circumstances. That my boy is
what security is about.
I am in the process of engaging a 'real' security expert, the
original finder from 6 years ago, to explain it, since despite
self-proclamations about our expertise, we all know nothing.
Some of us aren't shy about that, others...well...you know.
Thor Larholm <thor () pivx com> said:
Both you and I know perfectly well that Windows Update serves a
different page for non-IE browsers, and that that page does
any frames. You should focus on the facts instead of letting
for Microsoft overwhelm you.
Since you have trouble reproducing a very simple example I
put this example online:
Open the page. Click the first button called "Open window".
second button called "Load page". See that the page from
is now loaded inside the subframe on jscript.dk.
As you can see, this is perfectly reproduceable in both IE,
Firefox and Opera. This is of course provided that they allow
the first place, but as I mentioned in my previous posts you
acomplish the same with inline frames instead of a new browser
To make doubly sure, I even downloaded fresh copies of Firefox
(worked fine in 'Safe Mode' as well) and Opera 7.51.
Senior Security Researcher
23 Corporate Plaza #280
Newport Beach, CA 92660
thor () pivx com
Stock symbol: (PIVX.OB)
Phone: +1 (949) 231-8496
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569
PivX defines a new genre in Desktop Security: Proactive Threat
From: http-equiv () excite com [mailto:1 () malware com]
Sent: Thursday, July 01, 2004 1:09 PM
To: Thor Larholm; 1 () malware com; bugtraq () securityfocus com
Cc: NTBugtraq () listserv ntbugtraq com
Subject: RE: SUPER SPOOF DELUXE Re: [Full-disclosure]
Yes of course.
Two tiny problems though:
1. your little scriplet doesn't work for me. I get:
'W.frames.2.location' is null or not an object
2. If as you claim this is "standard practice" then there is
wrong with these browsers as it apparently does not work on
The following browsers are not affected:
* Mozilla Firefox 0.9 for Windows
* Mozilla Firefox 0.9.1 for Windows
* Mozilla 1.7 for Windows
* Mozilla 1.7 for Linux
Perhaps someone who really knows will enlighten us all.
Full-Disclosure - We believe in it.