Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Firefox focus stealing vulnerability (possibly other browsers)
From: "pdp (architect)" <pdp.gnucitizen () googlemail com>
Date: Sun, 11 Feb 2007 21:19:41 +0000

here is an idea... we can combine both techniques into a single
attack... the hardest part of your hack is to force the user to type
:// plus several other / but if we steel the focus from the address
bar, unaware users will type something like this http://www.google.com
for example, which is what we want.

On 2/11/07, pdp (architect) <pdp.gnucitizen () googlemail com> wrote:
try this

<input id="foo" type="text"/>
<script>
setInterval(function () {
document.getElementById('foo').focus();
},1);
</script>

:) the address bar is disabled...

On 2/11/07, pdp (architect) <pdp.gnucitizen () googlemail com> wrote:
phh :), I found something very interesting when testing your IE
example... every time I try to type something in the address bar, the
focus is redirected back to the input box. I wonder if it is possible
to capture what the user is typing in the address bar. That would be
neat... I am just checking your code to see what the hell is going on.

On 2/11/07, Michal Zalewski <lcamtuf () dione ids pl> wrote:
On Sun, 11 Feb 2007, pdp (architect) wrote:

IE is vulnerable too, since I used to play around with this bug long
time ago.

Possibly MS00-093, but that's long fixed. But yes, MSIE variant is
possible, though more contrived.

/mz



--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org



--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org



-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]