Re: [Full-disclosure] Drive-by Pharming Threat
From: Martin Johns (martin.johnsgmail.com)
Date: Mon Feb 19 2007 - 15:23:29 CST
On 2/19/07, auto400208hushmail.com <auto400208hushmail.com> wrote:
> I am curious as to how one "automatically" logs on?
There are several potential methods (depending on the victim's browser):
1) Older versions of Flash allow the spoofing of arbitrary http
headers thus allowing the creation of attacker controlled
2) Firefox does not display http-authentication warnings if the http
request was generated by the browser's link-prefetch mechanism.
3) An anti-DNS-pinning attack can be executed to break the
same-origin policy. Then the low-level socket functions of either
Flash (all browsers) or Java (Firefox and Opera) could be
employed to create arbitrary http requests.