Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Unstoppable, unclosable, FULL SCREEN popups
Posted by: ma1
Date: August 07, 2007 11:44AM

What about spoofing a whole desktop?

--
*hackademix.net*

There's a browser safer than Firefox... Firefox, with NoScript

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: tx
Date: August 07, 2007 12:32PM

Woah, running that demo with Firebug open crashed FF, like immediately.

Edit: Can't reproduce it *shrug*.

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 08/07/2007 12:34PM by tx.

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: ma1
Date: August 07, 2007 12:52PM

@tx:
"Can't reproduce" the crash, right?
But the demos work, don't them?
If not, could you tell me something about your configuration?
Thanks.

--
*hackademix.net*

There's a browser safer than Firefox... Firefox, with NoScript

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: Anonymous User
Date: August 07, 2007 12:54PM

Evil. Very evil. Well researched!

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: tx
Date: August 07, 2007 01:01PM

@mal: oh yeah, the demos work perfectly, I can't reproduce the crash. Just in case anyone else can, I believe my actions were:
1) go to demo page in FF
2) open Firebug
3) Enable scripting with noscript
4) crash!

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: John
Date: August 07, 2007 01:56PM

I honestly just popped one off to this.

Simply amazing.

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: ma1
Date: August 08, 2007 04:59AM

For those interested in disclosure policies, a little update.

--
*hackademix.net*

There's a browser safer than Firefox... Firefox, with NoScript

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: Kyran
Date: August 22, 2007 01:13AM

Java is pure evil?
I'm not arguing.

- Kyran

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: Om
Date: August 22, 2007 02:35AM

Jus decompiled the class files and gave a running look.
Don't have much experience with awt but pretty neat, I must say :)

BTW, considering that applets execute inside the sandbox, what *evil* attacks can you think of?

Another reason to use NoScript. :D

---
I'd love to change the world,
but they won't gimme the source code.
Code in my Bug!



Edited 1 time(s). Last edit at 08/22/2007 02:39AM by Om.

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: Anonymous User
Date: August 22, 2007 08:56AM

Well it gets worse, I found that Javascript can access the Java.Swing Class as well. Which is another way of launching popups cross browser, but not in MSIE.

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: ma1
Date: August 23, 2007 06:07AM

@Om:
Spoofing user's desktop from web content is considered quite naughty, if not evil, by most security experts and browser vendors ;)

@Ronald:
There's no reason for LiveConnect or applets in general being prevented from accessing the javax.swing package, as this doesn't grant caller any new "evil" power: javax.swing.JFrame and javax.swing.JWindow are just lightweight wrappers for their java.awt.Frame and java.awt.Window native counterparts, hence fixing AWT should suffice to close this hole.

--
*hackademix.net*

There's a browser safer than Firefox... Firefox, with NoScript

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: Om
Date: August 23, 2007 06:51AM

@ma1:
I guess I should've been more clear. Apologies for that. :)

Desktop spoofing is something you have already mentioned on your blog. What I meant was, has anyone thought of a way to actually steal data from the system. Maybe not directly, but combining with some other flaw (viz, recent URI vulnerabilities)... or may be I am flying a li'll too high.

---
I'd love to change the world,
but they won't gimme the source code.
Code in my Bug!

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: Anonymous User
Date: August 23, 2007 08:47PM

So what, Firefox sucks.

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: krazl
Date: August 24, 2007 03:02AM

cool...but where's the coding?

Options: ReplyQuote
Re: Unstoppable, unclosable, FULL SCREEN popups
Posted by: Anonymous User
Date: August 24, 2007 04:22AM

It can be done simply with the Java libs that are available through LiveConnect. With it you can read the filesystem, create socket connections, and erm popups! ^^ I heard Firefox is going to drop Liveconnect in Mozilla 2.0 Which might be best for everyone.

Options: ReplyQuote


Sorry, only registered users may post in this forum.