473,326 Members | 2,147 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

javascript link spoofing exploit found!

try this page:

<a href="http://google.com"
onclick="this.href='http://yahoo.com'">Spoof link should go to
google</a>

both in IE and Firefox, users see google in the status bar and assume
that it will go to mozilla, but then at the last second, once users
click the link, the browser actually goes to yahoo. of course you can
obfuscate this by making the onclick a function, defined in some
external file. this is dangerous!

Dec 15 '05 #1
1 1565
mickey wrote:
<a href="http://google.com"
onclick="this.href='http://yahoo.com'">Spoof link should go to
google</a>
It is even simpler and more compatible:

<a href="http://google.com"
onclick="location='http://yahoo.com'; return false;"Spoof link should go to google</a>
This is part of DOM Level 0, therefore possible since JavaScript 1.1
(NN3; the DOM was still part of the language then), and IE3 -- both
released in August 1996.
both in IE and Firefox, users see google in the status bar and assume
that it will go to mozilla, but then at the last second, once users
click the link, the browser actually goes to yahoo. of course you can
obfuscate this by making the onclick a function, defined in some
external file. this is dangerous!


I would call that harmful, but not dangerous (OK, considering the
content of yahoo.com maybe even that :)).

Users should be aware that such is entirely possible with client-side
scripting. Anybody paranoid enough may disable script support where
the problem will disappear. But client-side scripting can provide many
useful features, so vendors should develop a block feature for such
script-kiddie nonsense as they have for hiding the status bar, e.g.;
the question is: how to detect what is a useful redirection and what
is not?

BTW: This is a *news*group. [psf 4.16]
PointedEars
Dec 15 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Gowhera Hussain | last post by:
Use This for Learning Only .... Do Not Try To Act Smart HACKING WITH JAVASCRIPT Dr_aMado Sun, 11 Apr 2004 16:40:13 UTC This tutorial is an overview of how javascript can be used to bypass...
53
by: Cardman | last post by:
Greetings, I am trying to solve a problem that has been inflicting my self created Order Forms for a long time, where the problem is that as I cannot reproduce this error myself, then it is...
30
by: Mason A. Clark | last post by:
If I use javascript on my page, how likely is it that the viewer will not have javascript? Anyone have data? Mason C
16
by: Java script Dude | last post by:
To all Mozilla JS Guru's (IE dudes welcome), I have spent the last three years developing complex DHTML applications that must work in IE 5.5sp2+ but I use Mozilla 1.3+** to do all my...
9
by: Pascal Vyncke | last post by:
Hi, I discovered a NEW security hole / exploit in IE6 with SP2 and all the latest security patches. Overview of the exploit: * Bug for all Microsoft Internet Explorer users * Can be...
2
by: Alex Hunsley | last post by:
Symantec antivirus has apparently picked up a virus in my Python 2.4 (under cygwin): Scan type: Scheduled Scan Event: Threat Found! Threat: Bloodhound.Exploit.49 File: ...
28
by: Noone Here | last post by:
AIUI, it was not all that long ago when the threat to personal users, was attachments that when executed compromised machines with keyloggers, trojans, etc. Now it seems that the big problem is...
25
by: Peter Michaux | last post by:
Hi, I'm thinking about code minimization. I can think of a few places where whitespace matters a + ++b a++ + b a - --b a-- -b when a line ends without a semi-colon in which case the new...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.