Re: IE URL obfuscation

From: Josh Tanski (mortonjt_at_ROCHESTER.RR.COM)
Date: 12/10/03

    Date:         Wed, 10 Dec 2003 13:36:57 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Ran some real quick tests with a fully patched IE6.0 on W2K:

    If you put www.microsoft.com in the Trusted Sites Zone, when you try the
    exploit at http://www.zapthedingbat.com/security/ex01/vun1.htm, IE still
    displays the icon for the Internet Zone.

    However, if you put www.zapthedingbat.com in the restricted sites (and
    enable active scripting...), when you run the exploit url, IE displays the
    Internet Zone icon instead of the restricted sites zone icon.

    Same thing if you put www.zapthedingbat.com in Trusted Sites or Local
    Internet, it seems to always run in the Internet Zone. So it does not
    appear to be able to be used to spoof better trust than the Internet Zone.
    Anyone confirm/deny this? I didn't try recreating the exploit for myself to
    see if scripts/activex could actually be run that shouldn't be.

    Josh
