Re: IE URL obfuscation

• Previous message: Donovan Bernauer: "Re: IE URL obfuscation"
• In reply to: Ben Reardon: "IE URL obfuscation"
• Next in thread: Russ: "Re: IE URL obfuscation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Wed, 10 Dec 2003 13:36:57 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Ran some real quick tests with a fully patched IE6.0 on W2K:

If you put www.microsoft.com in the Trusted Sites Zone, when you try the
exploit at http://www.zapthedingbat.com/security/ex01/vun1.htm, IE still
displays the icon for the Internet Zone.

However, if you put www.zapthedingbat.com in the restricted sites (and
enable active scripting...), when you run the exploit url, IE displays the
Internet Zone icon instead of the restricted sites zone icon.

Same thing if you put it in www.zapthedingbat.com in Trusted Sites or Local
Internet, it seems to always run in the Internet Zone. So it does not
appear to be able to be used to spoof better trust than the Internet Zone.
Anyone confirm/deny this? I didn't try recreating the exploit for myself to
see if scripts/activex could actually be run that shouldn't be.

Josh

----
NTBugtraq subscribers save $103.00 off the TICSA exam by using promo
code "NT1003" when registering to take the TICSA exam at www.2test.com.
Prove to your employer and peers that you have the knowledge and
abilities to be an active stakeholder in today's enterprise security.
Become TICSA certified www.trusecure.com/ticsa.  Promotion expires
12/31/03 and cannot be used in combination with other offers.
----

• Previous message: Donovan Bernauer: "Re: IE URL obfuscation"
• In reply to: Ben Reardon: "IE URL obfuscation"
• Next in thread: Russ: "Re: IE URL obfuscation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: [Full-Disclosure] RE: COELACANTH: Phreak Phishing Expedition ... Yes in fact Trusted Sites and Intranet Sites ... privileges can be gained through this vulnerability. ... You can't replicate this with most other servers because the Host header ... security zone it should use to render the HTML. ... (Full-Disclosure) Re: 0x800A1391 ... Try adding the following sites to the IE Trusted Sites zone ... it's Patti MacLeod, MS-MVP. ... |>>> Add button next to the Add this Web site to the zone box to add the ... (microsoft.public.windowsupdate) Re: Page with Mark of the Web not Trusted ... When you visit the site (that you've added to the Trusted Zone), do you see the Trusted sites icon in the status bar? ... >> still opened using the Internet Zone security settings (the bottom right ... >> Restricted Zone settings are applied. ... (microsoft.public.windows.inetexplorer.ie6.browser) Re: Distribute Trusted Sites in IE to XP clients ... Mike's post with trying to do that with GPO I was thinking that the Trusted ... Sites zone was what I was trying to accomplish but instead I had been trying ... you can put sites in the Trusted Sites zone with GPO. ... >>> Unfortunately I have about 50 workstations and users roam a lot. ... (microsoft.public.windows.server.sbs) Re: Project Guide requires trusted site? ... This isn't telling you that Project Server has to be in the trusted sites ... zone, it's telling you that the custom content must be. ... > custom content in our Project Guide. ... (microsoft.public.project.pro_and_server)