here is an idea... we can combine both techniques into a single attack... the hardest part of your hack is to force the user to type :// plus several other / but if we steel the focus from the address bar, unaware users will type something like this http://www.google.com for example, which is what we want.
On 2/11/07, pdp (architect) <[EMAIL PROTECTED]> wrote: > try this > > <input id="foo" type="text"/> > <script> > setInterval(function () { > document.getElementById('foo').focus(); > },1); > </script> > > :) the address bar is disabled... > > On 2/11/07, pdp (architect) <[EMAIL PROTECTED]> wrote: > > phh :), I found something very interesting when testing your IE > > example... every time I try to type something in the address bar, the > > focus is redirected back to the input box. I wonder if it is possible > > to capture what the user is typing in the address bar. That would be > > neat... I am just checking your code to see what the hell is going on. > > > > On 2/11/07, Michal Zalewski <[EMAIL PROTECTED]> wrote: > > > On Sun, 11 Feb 2007, pdp (architect) wrote: > > > > > > > IE is vulnerable too, since I used to play around with this bug long > > > > time ago. > > > > > > Possibly MS00-093, but that's long fixed. But yes, MSIE variant is > > > possible, though more contrived. > > > > > > /mz > > > > > > > > > -- > > pdp (architect) | petko d. petkov > > http://www.gnucitizen.org > > > > > -- > pdp (architect) | petko d. petkov > http://www.gnucitizen.org > -- pdp (architect) | petko d. petkov http://www.gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/