Thanks. I'm sure there are many ways to achieve each step separately (see my reply to Andrew), but to build each and every one of these into a functional "drive by" attack seems far-fetched. Your details below add even more hurdles, IMO. You'll be building a monster all-encompassing browser, version, plus router mega-exploit, unless the first two I mention to Andrew can be overcome easily. This is all very far from a "drive by" vuln.

On Mon, 19 Feb 2007 16:23:29 -0500 Martin Johns <martin.johns@xxxxxxxxx> wrote:

> On 2/19/07, auto400208@xxxxxxxxxxxx <auto400208@xxxxxxxxxxxx> wrote:
>> I am curious as to how one "automatically" logs on?
>
> There are several potential methods (depending on the victim's browser):
>
> 1) Older versions of Flash allow the spoofing of arbitrary http headers [1], thus allowing the creation of attacker-controlled Authorization headers.
>
> 2) Firefox does not display http-authentication warnings if the http request was generated by the browser's link-prefetch mechanism [2].
>
> 3) An anti-DNS-pinning attack [3] can be executed to break the same-origin policy. Then the low-level socket functions of either Flash (all browsers) [4] or Java (Firefox and Opera) [5] could be employed to create arbitrary http requests.
>
> [1] http://www.securityfocus.com/archive/1/441014/30/0/threaded
> [2] http://blog.php-security.org/archives/56-Bruteforcing-HTTP-Auth-in-Firefox-with-JavaScript.html
> [3] http://shampoo.antville.org/stories/1451301/
> [4] http://www.jumperz.net/index.php?i=2&a=1&b=8
> [5] http://shampoo.antville.org/stories/1566124/
>
> --
> Martin Johns
> http://shampoo.antville.org
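Added example, not part of the thread and not code by either poster: the standard server-side mitigation for the anti-DNS-pinning step listed as method 3 above. A rebinding request reaches the device with the attacker's hostname in the `Host` header, because the browser still believes it is talking to that origin, so a device's embedded HTTP handler can refuse any request whose `Host` does not name the device itself. The device addresses (`OWN_ADDRESSES`), the administrator-facing names (`ALLOWED_NAMES`), the port and the sample request heads are all constructed for this example; the function names are mine. This check does nothing against methods 1 and 2, which rely on the browser supplying credentials rather than on a forged origin.

```python
"""Host-header validation as a defence against DNS rebinding (anti-DNS-pinning).

Illustrative code written for this thread, assuming a small embedded HTTP
handler (as found on a home router) whose own IP addresses and expected
hostnames are known from configuration.
"""
import ipaddress
from typing import Optional, Tuple

# Constructed configuration for the example: the device's own addresses, the
# names an administrator is expected to type, and the port the UI listens on.
OWN_ADDRESSES = {ipaddress.ip_address("192.168.1.1"), ipaddress.ip_address("::1")}
ALLOWED_NAMES = {"router.local", "router.home"}
LISTEN_PORT = 80


def parse_host_header(value: str) -> Optional[Tuple[str, Optional[int]]]:
    """Split a Host header value into (host, port).

    Lower-cases the name, strips a trailing dot (FQDN form) and IPv6 brackets,
    and returns None for values that are not well formed.
    """
    value = value.strip().lower()
    if not value:
        return None
    if value.startswith("["):                       # IPv6 literal, e.g. [::1]:80
        end = value.find("]")
        if end == -1:
            return None
        host, rest = value[1:end], value[end + 1:]
    else:
        host, sep, rest = value.partition(":")
        rest = (":" + rest) if sep else ""
    port: Optional[int] = None
    if rest:
        if not rest.startswith(":") or not rest[1:].isdigit():
            return None
        port = int(rest[1:])
    host = host.rstrip(".")
    if not host:
        return None
    return host, port


def host_is_trusted(value: str) -> bool:
    """True only if Host names this device by one of its own names or addresses."""
    parsed = parse_host_header(value)
    if parsed is None:
        return False
    host, port = parsed
    if port is not None and port != LISTEN_PORT:
        return False
    try:
        # IP literal: must be one of the device's own addresses.
        return ipaddress.ip_address(host) in OWN_ADDRESSES
    except ValueError:
        # Not an IP literal: must be one of the configured hostnames.
        return host in ALLOWED_NAMES


def check_request(raw: bytes) -> Tuple[int, str]:
    """Decide on a raw HTTP request head; returns (status code, reason).

    A missing or duplicated Host header is refused outright rather than
    guessed at, and an unknown Host gets 421 Misdirected Request.
    """
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    hosts = [line.split(":", 1)[1] for line in lines[1:]
             if line.lower().startswith("host:")]
    if len(hosts) != 1:
        return 400, "missing or ambiguous Host header"
    if not host_is_trusted(hosts[0]):
        return 421, "Host does not name this device (possible DNS rebinding)"
    return 200, "ok"


# Constructed request heads exercising the accept and reject paths.
SAMPLE_REQUESTS = {
    "direct_ip":      b"GET /admin HTTP/1.1\r\nHost: 192.168.1.1\r\n\r\n",
    "name_with_port": b"GET /admin HTTP/1.1\r\nHost: Router.Local.:80\r\n\r\n",
    "ipv6_loopback":  b"GET /admin HTTP/1.1\r\nHost: [::1]:80\r\n\r\n",
    "rebinding":      b"GET /admin HTTP/1.1\r\nHost: attacker.example\r\n\r\n",
    "wrong_port":     b"GET /admin HTTP/1.1\r\nHost: 192.168.1.1:8080\r\n\r\n",
    "no_host":        b"GET /admin HTTP/1.0\r\n\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLE_REQUESTS.items():
        status, reason = check_request(raw)
        print(f"{name:15s} -> {status} {reason}")
```

The check is deliberately strict about the port and about FQDN and case variants, so that a legitimate `Host: Router.Local.:80` is accepted while `attacker.example` and an off-port literal are rejected; on a real device the rejected values are worth logging, since an unexpected hostname in `Host` on a LAN-only interface is a usable detection signal for rebinding attempts.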