Re: "New Universal Man-in-the-Middle Phishing Kit" ?

---

• From: Barry Margolin <barmar@xxxxxxxxxxxx>
• Date: Thu, 18 Jan 2007 20:54:29 -0500

---

In article <1169106344.216078@xxxxxxxxxxxxxxxxxxxxxxx>,
mak <mak@xxxxxxxxxx> wrote:

Barry Margolin wrote:

...snip...
how does an URL communicate with anything?

They mean "the server accessed via the URL".

that's what i thought,

and why wouldn't my browser complain about an invalid certificate for my
banks site?

You're not going to your bank's site, your going to the phisher's site
because you clicked on the fraudulent URL he sent you. The phisher has
a valid certificate for his own site, of course, so there's nothing for
your browser to complain about (it has no way of knowing where you
*think* you're going).

ok,
but then I will see the bogus URL
as in:

http://www.mybank.com.onlineid3979954057.rwrth.ws/customer.htm

in my browser, right?

Maybe. But that's true of traditional phishing sites, it's nothing new
in this case. The MitM attack simply adds the ability of the site to
display things on the page that supposedly only the real site can
display (such as your last ATM transaction).

--
Barry Margolin, barmar@xxxxxxxxxxxx
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
.

---

• Follow-Ups:
  • Re: "New Universal Man-in-the-Middle Phishing Kit" ?
    • From: Anne & Lynn Wheeler

• References:
  • "New Universal Man-in-the-Middle Phishing Kit" ?
    • From: mak
  • Re: "New Universal Man-in-the-Middle Phishing Kit" ?
    • From: Barry Margolin
  • Re: "New Universal Man-in-the-Middle Phishing Kit" ?
    • From: mak

• Prev by Date: Re: "New Universal Man-in-the-Middle Phishing Kit" ?
• Next by Date: Re: "New Universal Man-in-the-Middle Phishing Kit" ?
• Previous by thread: Re: "New Universal Man-in-the-Middle Phishing Kit" ?
• Next by thread: Re: "New Universal Man-in-the-Middle Phishing Kit" ?
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: data disappearing problem on the forms when navigate ... pages are displayed in browser through different http requests to server. ... When we use back button of browser, it may display the previous page with ... ASP.NET 2.0's wizard control as mentioned in your another thread. ... (microsoft.public.dotnet.framework.aspnet) Re: displaying text while page is loading ... >> i'm trying to display text while a page is loading using a method ... > at which stage the web server and your php have allready forgotten about ... but the rest of the time the client is disconnected. ... if the browser is capable. ... (comp.lang.php) Re: Immediately display changes to an HTML element ... I need to be able to display the first message right off, ... You are using synchronous XML HTTP requests, ... the browser gets the chance to update the display while the XML HTTP ... request is doing its round trip to the server. ... (comp.lang.javascript) Re: not populating form fields (php,mysql) ... > Ian Rutgers wrote: ... >> other users table info (for display only). ... > Try doing a right-click view page source in your browser to see what PHP ... > In other words, since all queries need to be resolved on the server, how ... (php.general) RE: MySQL/PHPMyAdmin on FC3 Connection Problem ... // You can disable a server config entry by setting host to ''. ... MySQL server ... MySQL control user settings ... table to describe the display fields ... (Fedora)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)