Coffeehouse Thread

Impressive Phishing Site

  • Manip

    I would just like to mention that my copy of IE / XP is completely up to date and this is no exploit (as per software).

    Notice anything?




    If you haven't spotted it let me give you a hint:

  • Manip

    Which troll is going to make some lame pro Firefox statement first?

    Well no need, this site is FF compatible, here is how it looks in FF (Notice the Address bar has been removed):

  • W3bbo

    IRT the screenshot:

    AFAIK, IE SP2 doesn't allow javascript to remove the address bar anymore

    Manip wrote:
    Which troll is going to make some lame pro Firefox statement first?


    Why "lame"? It's a fact that Firefox isn't affected by this issue for what should seem obvious reasons. If it so happens that you know someone who could be fooled by this phishing attempt, then it would be well-advised for them to switch to a browser with a different interface. Not necessarily Firefox though. Opera, Mozilla, Netscape, iCab, Camino, Safari, K-Meleon, Konqueror... there's more to the web than IE and Firefox y'know.

    Manip wrote:
    Well no need, this site is FF compatible, here is how it looks in FF (Notice the Address bar is gone):


    Of course, I've tweaked my Firefox to never allow a website to remove any chrome elements. I've also filed a few Bugzilla entries as to prevent this. But there's one thing I like about Firefox that IE has yet to do:

    "Never allow scripting to touch the statusbar"

    The IE team's excuse of maintaining "backwards compatibility" is no excuse.

  • AndyC

    W3bbo wrote:
    IRT the screenshot:

    AFAIK, IE SP2 doesn't allow javascript to remove the address bar anymore


    Correct. I just visited the site myself to make sure and both toolbars are clearly visible.

    Yet another reason for those who are stalling to upgrade to XP SP2, if you ask me.

    W3bbo wrote:

    "Never allow scripting to touch the statusbar"

    The IE team's excuse of maintaining "backwards compatibility" is no excuse.



    For once, I'm in total agreement with you.

  • Manip

    I feel one of these unwinnable debates with a Firefox zealot coming on.

    "If I tweak this a little, turn this off, install this patch, modify just ten lines of code it fixes the problem, I ask you who COULDN'T do that?"




    W3bbo wrote:
    AFAIK, IE SP2 doesn't allow javascript to remove the address bar anymore


    Line #1:

    Manip wrote:
    I would just like to mention that my copy of IE / XP is completely up to date and this is no exploit (as per software).



    W3bbo wrote:

    Manip wrote: Which troll is going to make some lame pro Firefox statement first?


    Why "lame"? It's a fact that Firefox isn't affected by this issue for what should seem obvious reasons.

     
    It is by the removal of the address bar just as vulnerable to this very same site. And I'd imagine that someone would create a fake bar if FF's market share was large enough too.


    W3bbo wrote:
    If it so happens that you know someone who could be fooled by this phishing attempt, then it would be well-advised for them to switch to a browser with a different interface. Not necessarily Firefox though. Opera, Mozilla, Netscape, iCab, Camino, Safari, K-Meleon, Konqueror... there's more to the web than IE and Firefox y'know.


    It is a very good fake. I'd say a LOT of people could get fooled by it, even some that visit this site I'd imagine.

    W3bbo wrote:
    Of course, I've tweaked my Firefox to never allow a website to remove any chrome elements.


    Which isn't the default for all the nubs that installed firefox to stay secure 8-)

    W3bbo wrote:

    I've also filed a few bugzilla entries as to prevent this.


    Which the Mozilla Foundation ignored.


  • Manip

    AndyC wrote:
    W3bbo wrote: IRT the screenshot:

    AFAIK, IE SP2 doesn't allow javascript to remove the address bar anymore


    Correct. I just visited the site myself to make sure and both toolbars are clearly visible.

    Yet another reason for those who are stalling to upgrade to XP SP2, if you ask me.


    Visit the entry site (the one sent via e-mails) and click the moved link.

  • Sven Groot

    So you first have to go to a site that claims to be paypal but clearly isn't by the address bar entry, and then click a link to get to the phishing site. Not quite so impressive anymore.

    Besides, for those with Luna enabled the fake address bar looks all wrong.

  • Neotom II

    I'm not really able or willing on this TV to check, but is that that stupid thing where the guy put a floating toolbar under the address bar on a *free hosting* site that branded every page with a floating toolbar, therefore kind of negating all his work?

  • Badgerguy

    I've tried this in both Internet Explorer (on my Windows XP SP2 box) and Firefox 1.0.4

    Both are affected, with the address bar removed and a fake one loaded. It looks fake, and doesn't appear in the same place as the original (now hidden) address bar - but that's beside the point. It doesn't need to be good enough to fool everyone, so long as it fools some people, it achieves the goals of the phishers.

    I've never used Firefox for improved security. For me, the primary overriding reason I use Firefox is for its speed.

    Firefox is quite capable of acting as a conduit for spyware, and as this site demonstrates, it can also fall foul of manipulation by phishing sites.

  • W3bbo

    Badgerguy wrote:
    Firefox is quite capable of acting as a conduit for spyware, and as this site demonstrates, it can also fall foul of manipulation by phishing sites.


    Perhaps, but I feel the Foundation will respond to this one quicker than the IE Team.

    I've also filed another BZ entry here

  • Manip

    W3bbo wrote:
    Badgerguy wrote: Firefox is quite capable of acting as a conduit for spyware, and as this site demonstrates, it can also fall foul of manipulation by phishing sites.


    Perhaps, but I feel the Foundation will respond to this one quicker than the IE Team.

    I've also filed another BZ entry here


    I bet you do FEEL that way but the evidence is weak at best.

  • ScanIAm

    I always thought it was lame to allow a script to pop up a dialog box that looked so identical to a 'windows' dialog that it could fool people. 

    Hell, given how often it's exploited for evil purposes, it would be nice to simply get rid of popups altogether.

    But then, I don't know web coding that well, and I'm sure there are a million technical reasons why we should allow this annoying practice to continue.

  • blowdart

    OK blatant cut and paste from slashdot / my blog now, but social bookmarks may help. I've already marked that URL as dangerous, so people trusting my reports will get a warning before going to the page.

    (cut n paste follows)

    Currently undergoing slashdotting, outfoxed seems an interesting tool for firefox. More social bookmarking, with a clear icon on your toolbar telling you if your network of informers think it's good or not. You can also get your google results sorted, based on the recommendation level from your network.

    You can sign up, using me as a referral and can see my reports. If you do sign up please mail me so I can get your reports about what you find good and bad. One thing to watch, it exports all your bookmarks. Your internal web pages, like printer configurations and wireless access point configuration pages, your bank URL, your credit card URL (I can't seem to delete that one for some reason). So make sure you edit your default reports and cull (if you can) bookmarks you don't want to share, then republish your information. I've configured it to publish the reports on my server via FTP, but I don't see any way of sending updates every time. So if things are out of sync I've forgotten to manually publish.

  • Manip

    Beer28 wrote:
    Manip wrote: I would just like to mention that my copy of IE / XP is completely up to date and this is no exploit (as per software).

    Notice anything?


    I noticed it doesn't work on linux



    I also noticed that firefox removes the extra address bar js immediately after the page is loaded exposing only the real address.

    YAHFIW - Yet another hack for IE and Windows


    If you fake an IE header in your browser then it is going to go wrong... But as that is not the default for Firefox or Linux see above.

  • Manip

    Beer28 wrote:
    This is one of the huge problems with windows and related built-in applications like IE having a "consistent interface".


    LMAO -- I was laughing and crying at the same time. That has to be one of the funniest things (and dumbest) a Linux zealot has ever said...

    You are saying that the Linux community's inability to get its act together and bring out consistent interfaces for applications is a GOOD thing because it somehow makes things more secure --- hahahaha

    You should be put in a crazy house beer because your faith is too strong, and I can see you bombing Microsoft in a couple of years... Crazy nut

    I'm just happy you don't actually release software, I can just imagine you trying to make it "more secure" by having every dialog change colour on each load and randomly moving a dialog button just to keep the users on their toes.

  • Sven Groot

    Beer28 wrote:
    ( Except Sven of course who will use Redhat Blue Curve for ever and ever )

    Well, not bluecurve, because that is ugly. But I don't feel compelled to go and download a theme if there's one on the machine that's good enough. I just don't care about the visual look that much. If the default doesn't bug me too much, I'll rarely change. Back in the days I used WinAmp I never used any skins besides the default, I use the blue Luna on WinXP, and I change my desktop background picture like once every three years. My phone uses the default theme and default ringtone, etc. etc. etc.

  • Steve411

    hehehe. I got an e-mail from these guys a while ago. E-mailed them back with a bunch of crap I had to say... let's say they never wrote back. ;) No more SPAM for Steve!

    If you want something fixed, don't wait for Microsoft to get off its lazy security butt;
    - Steve

  • Heywood_J

    W3bbo wrote:
    I've also filed another BZ entry here


    You are not authorized to access bug #298254. To see this bug, you must first log in to an account with the appropriate permissions.

