> -----Original Message-----
> From: Polazzo Justin [mailto:Justin.Polazzo@xxxxxxxxxxxxxxxxxxxxx]
> Sent: Monday, July 12, 2004 12:22 PM
> To: Drew Copley
> Cc: bugtraq@xxxxxxxxxxxxxxxxx
> Subject: RE: MSIE Download Window Filename + Filetype
> Spoofing Vulnerability
>
> Should you not be able to tile your gui any way you please?

You can title your UI any way you please.

>
> Someone may be thinking that you could put an image in front
> of the security box in order to trick users into clicking on
> "open" without knowledge. I noticed that you can't click on
> the buttons when the image is in front of them.
>

I haven't checked out the new demo, but it is inconsequential, you can totally change the contents of the window so that "No" becomes "yes", or "yes" becomes "no", or whatever else. [By stating, "Do Not Run This App", for instance, turns the positive into the negative.]

"Close this window"? "Yes". Boom.

There are countless variations on this as you can put in there, around there, all around anything you want.

It is a pain to make a really good demo, though, this is why no one has probably messed with it. And, it is likely too old for the current wave of criminals to get a handle on it.

Well, not anymore.

But, thankfully, Microsoft fixed this in SP 2. Hopefully everyone else will get this fix in their IE as well.

> Would you be able to have an insane speed at which the object
> moves over the buttons, or a pulse action to where the image
> would appear to be solid, but would still select "open" when pressed?

Yeah, you can probably flicker it and hide it as well. Really, the exploitation is for an artist...

>
> jp
>
> -----Original Message-----
> From: Drew Copley [mailto:dcopley@xxxxxxxx]
>