{"id":2806,"date":"2010-07-21T10:42:27","date_gmt":"2010-07-21T09:42:27","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=2806"},"modified":"2015-09-09T19:37:28","modified_gmt":"2015-09-09T11:37:28","slug":"clever-attack-allows-theft-of-names-addresses-from-ie-safari","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2010\/07\/clever-attack-allows-theft-of-names-addresses-from-ie-safari\/","title":{"rendered":"Clever Attack Allows Theft Of Names & Addresses From IE & Safari"},"content":{"rendered":"

There have been some very clever attacks lately, especially involving browsers and the kind of data they can leak when probed the right way. The biggest press recently was generated by the history leak<\/a> that occurs in most browsers.<\/p>\n

Another clever attack that got some coverage lately was tabnapping<\/a>, and the latest is another fascinating way to lift information from browsers, this time using the auto-complete feature.<\/p>\n

It’s good to see these kinds of attacks. When you think about how they operate technically, they are fairly simple, but it takes a leap in logic to even get to the point where you can start coding for something like this.<\/p>\n

The Internet Explorer, Firefox, Chrome, and Safari browsers are susceptible to attacks that allow webmasters to glean highly sensitive information about the people visiting their sites, including their full names, email addresses, location, and even stored passwords, a security researcher says.<\/p>\n

In a talk scheduled for next week’s Black Hat security conference in Las Vegas, Jeremiah Grossman, CTO of White Hat Security, plans to detail critical weaknesses that are enabled by default in the browsers, which are the four biggest by market share. The vulnerabilities have yet to be purged by the respective browser makers despite months, and in some cases, years of notice.<\/p>\n

Among the most serious is a vulnerability in Apple’s Safari and earlier versions of Microsoft’s IE that exposes names, email addresses, and other sensitive information when a user visits a booby-trapped website. The attack exploits the browsers’ autocomplete feature used to automatically enter commonly typed text into websites. It works by creating a webpage with fields carrying titles such as \u201cFirst Name,\u201d \u201cLast Name,\u201d \u201cEmail Address,\u201d and \u201cCredit Card Number\u201d and then adding javascript that simulates the user entering various letters, numbers or keystrokes into each one.<\/p><\/blockquote>\n

It seems all 4 of the main browsers<\/a> are susceptible to this, although the implementation varies slightly for each browser. Hacking-wise that’s not a big problem, as the malicious page can identify the browser from the user agent string when the user lands on it and serve up the relevant info-grabbing script for that browser type.<\/p>\n

The worst-case scenario is if this flaw allows malicious pages to gather user passwords that are stored in the browser. Combined with the ability to probe the browser to see which sites the user has visited, it could multiply into a quite accurate and potentially dangerous attack.<\/p>\n

The worst affected are Safari<\/a> and older versions of Internet Explorer<\/a>.<\/p>\n