mailing list archives
Fake Applications in browser
From: Roman Kümmel <ccuminn () soom cz>
Date: Sun, 17 Mar 2013 18:11:47 +0100
Hello to everyone,
I thought to create any Proof of Concepts about faking applications in
web browser after I saw "Browser Event hijacking"
(http://labs.neohapsis.com/2012/11/14/browser-event-hijacking/) with the
CTRL+F trick and with fake search bar in browser.
It is possible to hijack user's admin password or their files with saved
passwords or any configuration files, etc.
It is possible to make fake web browser in real web browser as well :)
It allows to get Man in the middle position between users and web servers.
I presented this technique "Fake Applications in browser" in Prague at
SOOM.cz Hacking & Security Conference (March 2013) and I describe it in
It is written in czech language, so you must read it with (Google)
Roman Kümmel aka .cCuMiNn.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Fake Applications in browser Roman Kümmel (Mar 17)