Domain: zapthedingbat.com
Stories and comments across the archive that link to zapthedingbat.com.
Comments · 22
-
Re:Has nothing to do with IE, you idiot
Funny how my Mozilla 1.5 build 2003121611 is not effected.
I tested it @ zapthedingbat.com
-
Test your browser
If you can dig out a copy of IE (or if you want to prove your mozilla browser doesn't put you at risk), you can test your browser for the vulnerability.
-
Re:Turn off Javascript, turn on the status bar
Here's an example
no, that link is not supposed to do it, the page will show you what it is. -
Re:Dupe
If the user has to click on a button, then they can't tell where it will take them unless they look at the source code.
Case in point: zapthedingbat.com -
Re:But MS is "fixing" other issues...
Just fucking great. Instead of actually fixing the problem, they just told RFC 2396 (which is based on the ten year-old RFC 1738 and officially endorsed by the HTTP standard) to fuck itself and called it a day. And in the meantime, they recommend that users not click any links at all.
Just amazing that this is what we have to deal with.
-
What a crap way around fixing the security hole
The reason they are doing this is due to the security hole that was found in IE recently.
Instead of fixing the bug that is causing they security hole they remove the feature. How stupid and dumb is that? It is more-or-less saying, "We have got no idea how to program and cannt make enough sense of our own code to fix a security issue." -
Patch didn't work for me
Hey guys, I'm here at my office running on a Win2k machine, with IE 6.0.2800.1106. I just installed the patch then tested it against the proof of concept code at this location and the exploit still worked for me. The code went through, and did display www.microsoft.com in the address bar as it should of.
I'm not sure if anyone else is having luck with this patch working or not. Maybe I did something wrong? But for my inital test, it failed for me. Proof of concept code was located through Bugtraq -
Re:Not patching this month......
You are correct. However, I was referring to the location bar. In fact, if you look at this example, you'll see that for buttons, the status bar doesn't say anything about the destination of the link. In any case, I almost never pay attention to the status bar. That can be manipulated by the website, especially in that other browser.
-
Re:Firebird fails in the status bar, sort ofBull. Firebird shows the full bogus address in the location bar on my machine. This is not a problem on Firebird at all.
Go to this site to test the vulnerability.
-
Re:Supply a link, this article says IE only.
I tested it on both Firebird 0.7 and Mozilla 1.6beta and both (linux versions; windows versions not tested, but probably safe too) were not vulnerable. For anyone who wants to test for themselves, a test/demo is available online.
-
Re:This affects mozilla firebird tooThe "I know you're a troll" line referred to your statement after that:
those berating ms should set about fixing it in their beloved OSS browser first. interesting to see whose fix comes out first.
As has been mentioned in another post on this thread, the 0.7 version of Firebird doesn't display this behavior. I found the above statement to be trollish, especially when you look at the poor capitalisation. Your post was an attempt to make people think that Mozilla/Firebird browsers are all open to the same exploit, when in reality you only tested it on one version, which has already been upgraded (and the exploit does not exist in newer versions).
Now on to the merits of your claim. I downloaded Firebird 0.6.1 and went to this test page to see if the exploit worked. Guess what, it doesn't. Then I went to the link you posted above, http://www.slashdot.org%01@www.cnn.com/, and the address bar did not truncate after slashdot.org (you have to copy and paste the above, since slashcode strips out the bad parts). I hereby declare your post, by virtue of being incorrect, misleading, and inflammatory, to be the work of a troll. You were right when you said you shouldn't have responded. Now you've been shown to be even more wrong. HAND. -
Re:Supply a link, this article says IE only.I just confirmed that the exploit works in IE5.0, per the harmless test page linked from Infoworld.
-
Re:The example misuse
At http://www.zapthedingbat.com/security/ex01/vun1.h
t m, did you just enter the url or did you click on the button? If not, try this again.If you just enter the URL above (http://www.microsoft.com%01@zapthedingbat.com/se
c u rity/ex01/vun2.htm) in the URL bar, it does show the true URL properly - no bug. However, if you click on the button, which uses Javascript to redirect to the false URL, the bug appears.This is a real flaw, and is something Microsoft should be jumping through hoops to fix asap.
-
Re:Not patching this month......
This doesn't work with buttons. Check out their demonstration.
-
Depends on how the URL is activatedThe test is activated via a button with an OnClick event, which sets "location.href" to demonstrate the bug:
<button onclick="location.href=unescape('http://www.micro
Pasting the same URL into the MSIE address bar does not seem to cause the bogus address to appear, i.e. I see the "zapthedingbat" URL.s oft.com%01@zapthedingbat.com/security/ex01/vun2.ht m');" > -
Re:This affects mozilla firebird too
Are you sure? I tested Mozilla using this page and it worked correctly. I tested the same page using IE and the url came up "www.microsoft.com".
Yes, I know you're a troll. But I figured anybody who might be fooled by your outstanding writing should be able to click on a link and test their own browsers.
Also, I should note that Opera actually gave me a pop-up warning that I was sending a username to the site - the username www.microsoft.com - and after I agreed to do that I got a page with the correct url. Has anybody else tested this on other browsers? -
Slightly offtopic, but about Mozilla
Mozilla 1.5 W2K shows the full URL with the %01 (doesn't convert it), but did anyone notice that the text on the test page is in a REALLY tiny font? It seems that Mozilla renders the font size incorrectly if you put a space between the number and the 'pt' (style="font:8 pt verdana" instead of style="font:8pt verdana")
-
Re:Works fine on IE
What is your version-number? Mine is 6.0.2800.1106, and I can confirm that its working (infortunately)...
Have tried some examples? Such as this one? [zapthedingbat.com]
-
Re:The example misuse
In case anyone is wondering, this doesn't appear to affect IE on mac. When I click the test exploit link on http://www.zapthedingbat.com/security/ex01/vun1.h
t m it simply turns into http://www.microsoft.com%01@zapthedingbat.com/secu rity/ex01/vun2.htm -
Re:The example misuse
Or even (with a marked up URL):
http://www.zapthedingbat.com/security/ex01/vun1.ht m -
A demonstration
Click here [ZapTheDingBat.com] to see an example of how it is done...
Opera and Mozilla (at least firebird) handles it properly
:-) -
Link to POC test