mailing list archives
Re: Malicious Mozilla/Firefox/Thunderbird/Etc Extension
From: Alexandru Burciu <alexbu () gmail com>
Date: Sat, 26 Jul 2008 22:25:11 +0300
Here's just a quick example of such threat:
FFsniFF (FireFox sniFFer) is a simple Firefox extension, which
transforms your browser into the html form sniffer. Every time the user
click on 'Submit' button, FFsniFF will try to find a non-blank password
field in the form. If it's found, entire form (also with URL) is sent to
the specified e-mail address. It also has the ability to hide itself in
the 'Extensions manager'. This extension is meant to be as an example of
the 'evil side of Firefox extensions'.
On Mon, Jul 14, 2008 at 1:55 PM, Andrei Hanganu <handrei () gmail com> wrote:
I have recently started work on a xpcom component for Firefox,
astonished i was by the fact that in an XPI archive file one can
include binary libraries (dll/so files) that get auto loaded in
firefox via a precise function prototype. The problem is that the code
in that component is allowed to do anything the user that runs firefox
has credentials to do.
Wham i am curious is if there have ever been reported malicious
mozilla extensions, and if besides the signing of the addon is there
any other way to protect from such addons.
Description: OpenPGP digital signature