fake location bar

From: Liu Die Yu (liudieyuinchina_at_yahoo.com.cn)
Date: 05/13/03

  • Next message: Executable Security: "Detailed analysis: Buffer overflow in Explorer.exe on Windows XP SP1" 
    Date: 13 May 2003 11:56:05 -0000
To: bugtraq@securityfocus.com
    ('binary' encoding is not supported, stored as-is)

    fake location bar
    ("that's all" is end of file if you are in a hurry)

    [tested]
    Browser Ver:"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.2)
    Gecko/20030208 Netscape/7.02 "
    OS Ver: "Windows XP Cn ver"

    [demo]
    http://liudieyuinchina.vip.sina.com/NSNVBackFake/NSNVBackFake-MyPage.htm

    [screenshot]
    http://liudieyuinchina.vip.sina.com/NSNVBackFake/NSNVBackFake-
    Screenshot.htm

    [exp]
    you open
    [CODE.URL]javascript:'some text'
    in a new window.
    then navigate that window to 'http://www.google.com'.
    at last, "history.back()" to make it back to 'some text'.

    as you can see in the demo:
    location bar is faked.

    that's all

    [how]
    i often check netscape navigator's version by
    menu item: "Help" --> "About Netscape",
    which navigates my browser to "about:".
    after checking it, i navigated to another URL. accidently i
    pressed "Back", then the location bar didn't match content.

    after several mechanical tries, i got this.

    [Krade Internal Test]
    i am developing a new plugin for Internet Explorer:

    http://liudieyuinchina.vip.sina.com/KradeInternalTest

    it's a BHO(browser helper object) enhancing web surfing.
    i'll try my best to realize requested features sent to me. so feel free to
    request features.
     
    [greetings]
    after gean discarded me, life is becoming harder and harder. i would like
    to thank the following people who continuously help me:

    the pull
    dror (www.SafeCenter.net)
    and always: mom& dad.

    in the very end: thanx for reading, all readers.

    best wishes

    -----
    if you can't access resources mentioned in this document, try:
    http://umbrella.mx.tc

  • Next message: Executable Security: "Detailed analysis: Buffer overflow in Explorer.exe on Windows XP SP1"

    Relevant Pages

    • ZoneAlarm ver 5.0.590.015 (latest)
      ... There are many reports about ... I have had 3-4 myself and have gone back to ver 4.5.594.000. ... Doesn't remember which tab you were in when you Xed out of the window. ... Seems to interfere with the Microsoft download ...
      (microsoft.public.windowsxp.general)
    • ZoneAlarm ver 5.0.590.015 (latest)
      ... There are many reports about ... I have had 3-4 myself and have gone back to ver 4.5.594.000. ... Doesn't remember which tab you were in when you Xed out of the window. ... Seems to interfere with the Microsoft download ...
      (microsoft.public.windowsxp.basics)
    • ZoneAlarm ver 5.0.590.015 (latest)
      ... There are many reports about ... I have had 3-4 myself and have gone back to ver 4.5.594.000. ... Doesn't remember which tab you were in when you Xed out of the window. ... Seems to interfere with the Microsoft download ...
      (microsoft.public.security.virus)
    • ZoneAlarm ver 5.0.590.015 (latest)
      ... There are many reports about ... I have had 3-4 myself and have gone back to ver 4.5.594.000. ... Doesn't remember which tab you were in when you Xed out of the window. ... Seems to interfere with the Microsoft download ...
      (microsoft.public.windowsxp.security_admin)
    • ZoneAlarm ver 5.0.590.015 (latest)
      ... There are many reports about ... I have had 3-4 myself and have gone back to ver 4.5.594.000. ... Doesn't remember which tab you were in when you Xed out of the window. ... Seems to interfere with the Microsoft download ...
      (microsoft.public.windowsxp.help_and_support)