Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Abusing Re-directs on Firefox.
Posted by: Anonymous User
Date: February 13, 2008 10:33PM

Easier than you might think.
hxxp://:www.gmail.com   -     - a ton of spaces or chars -     -         @av.rds.yahoo.com/**http%3a//www.e-gold.com
Just copy all the stuff above in firefox (minus xx) and watch.

it uses tx latest redirect on yahoo, but more cool is that Firefox can be tricked this way in a multiple sp00f!

Options: ReplyQuote
Re: Abusing Re-directs on Firefox.
Posted by: trev
Date: February 15, 2008 06:45AM

What's the spoof here? I put an example link below (ignoring the Yahoo redirect which is a different beast) - moving the mouse over the link will show "yahoo.com" (the real target of the link) and you will also see "yahoo.com" in the address bar. "google.com" only shows up in the HTML source where no user will see it. Testing in Firefox 2.0.0.12.

[url=http://:google.com @www.yahoo.com/]link[/url]

Options: ReplyQuote
Re: Abusing Re-directs on Firefox.
Posted by: Anonymous User
Date: February 15, 2008 07:34AM

Ever heard of tricking filters this way? like whitelisted domains and RegEx filters? And how about tricking the firefox anti phising filter? they can't block these.

FYI this is an issue and has been taken a such in Bugzilla. Keep on downplaying the Mozilla issues, fine with me.



Edited 1 time(s). Last edit at 02/15/2008 07:36AM by Ronald.

Options: ReplyQuote
Re: Abusing Re-directs on Firefox.
Posted by: trev
Date: February 15, 2008 09:57AM

Quote

Ever heard of tricking filters this way? like whitelisted domains and RegEx filters?
That would be an issue with the filters - their URL processing is flawed. Which ones do you have in mind?

Quote

And how about tricking the firefox anti phising filter?
Hm... I try [url=http://:www.google.com @www.mozilla.com/firefox/its-a-trap.html]this link[/url] - somehow the phishing filter isn't too fooled (tested in Firefox 2.0.0.12 and Firefox 3 nightly build).

[quote]FYI this is an issue and has been taken a such in Bugzilla.[/quote]
Everything that might be security-relevant is taken up as a bug. But I am not a browser developer, so I fail to see how it can be used for spoofing. And answering this question would certainly be more constructive than showing off here.

Options: ReplyQuote
Re: Abusing Re-directs on Firefox.
Posted by: Anonymous User
Date: February 15, 2008 10:19AM

What showing of? you fucking moron, I don't run a security company, I ask no-one to visit my site, I clearly doing anything to get out of Google, so fuck that you bastard.

Options: ReplyQuote
Re: Abusing Re-directs on Firefox.
Posted by: thrill
Date: February 15, 2008 05:50PM

Ok guys, valentine's day is over.. no need to show the rest of us how much you guys love each other.. :)

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Abusing Re-directs on Firefox.
Posted by: rsnake
Date: February 21, 2008 11:51AM

Just an FYI - Ronald has personally asked me to remove his account.

I've been ultra out of pocket the last three weeks, but I'm just now catching up. I think what Ronald was saying is that the first part fools a user visually, while the second part fools any white listing put in by the site where the link is housed, or by anti-spam/phishing filters in email or what have you that would normally block links to the target (e-gold in his case).

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote


Sorry, only registered users may post in this forum.