Network Security: Detailed info on Re: unload event in ie/mozilla/opera

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: unload event in ie/mozilla/opera

from [Tobias Boonstoppel] Network Security

[Permanent Link]

Subject:	Re: unload event in ie/mozilla/opera
Date:	Thu, 25 Aug 2005 14:26:47 +0200

the only time that seems to trigger is when a different address is placed in 
the
address bar.


yes. this is why i added the "window.unlock" which is set true on
document.onmousedown
--> see code

hit reload, you will see the URL of the site you typed in.

yes... strange things happens there. also if you "see source-code"
after the redirect, it shows the source of the url you  typed into the
address-bar.

i did not have time to play some more with it. but maybee there i a
way to spoof an URL

on my opinion this redirect should be blocked (like they do block
popups etc..). this is a security lack... or am i wrong?

cheers
Tobias

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
unload event in ie/mozilla/opera, Tobias Boonstoppel RE: unload event in ie/mozilla/opera, David Gillett Re: unload event in ie/mozilla/opera, Drew Haven Re: unload event in ie/mozilla/opera, Tobias Boonstoppel <= Re: unload event in ie/mozilla/opera, Niels Bakker Re: unload event in ie/mozilla/opera, Godwin Stewart Re: unload event in ie/mozilla/opera, Michael Shigorin Re: unload event in ie/mozilla/opera, Stefan Kelm RE: unload event in ie/mozilla/opera, Early, Clint Re: unload event in ie/mozilla/opera, gegegz

Previous by Date:	Re: unload event in ie/mozilla/opera, Niels Bakker
Next by Date:	Tool Announcement: AIRT -- the Advanced Incident Response Tool 0.4.2 released, madsys
Previous by Thread:	Re: unload event in ie/mozilla/opera, Drew Haven
Next by Thread:	Re: unload event in ie/mozilla/opera, Niels Bakker
Indexes:	[Date] [Thread] [Top] [All Lists]