Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [WEB SECURITY] Web Hacking Incident: PayPal Phishing Site Exploits G

from [RSnake] Network Security [Permanent Link]
Subject: RE: [WEB SECURITY] Web Hacking Incident: PayPal Phishing Site Exploits Google XSS Vulnerability
Date: Wed, 11 Jan 2006 09:58:05 -0800 (PST) 

    Google has a number of redirection holes just like the one
mentioned in that article, presumably to track user behavior for more
targeted ads.  In a cursory check I found four of them (these all simply
redirect to CNN):

http://froogle.google.com/froogle_url?q=http://www.cnn.com
http://www.google.com/url?sa=l&q=http://www.cnn.com/&ai=BsbPer84UQ7D7B73WsAGz6_3bAougzgu3ld23AeualQaA8lcQARgBIPJOKAhIkjlQjrnN4Pj_____AcgBAQ&num=1
http://catalogs.google.com/url?sa=H&title=PC+Connection&subtitle=&q=http://www.cnn.com
http://images.google.com/imgres?imgurl=.&imgrefurl=http://www.cnn.com

        Although in my mind the only thing that makes this worse than
any other redirection attack is that it's Google, and people trust
Google for some reason.

On Wed, 11 Jan 2006, Watchfire Research wrote:

Hello,

As already stated by Stelian Ene in a posting to bugtraq/webappsec
(@securityfocus.com), the PayPal phishing scam presented below exploit a
well-known redirection phishing trick via Google's redirection script.

It is important to mention that unlike what stated in
http://castlecops.com/article-6460-nested-0-0.html, the attack is not
based on the Cross-Site Scripting vulnerability which was recently
detected and published by Watchfire in Google's website
(http://www.securiteam.com/securitynews/6Z00L0AEUE.html).

Best regards,
        Yair Amit
        Security team
        Watchfire (Israel) Ltd.

-----Original Message-----
From: Ofer Shezaf [mailto:Ofer.Shezaf@breach.com]
Sent: Wednesday, January 11, 2006 2:18 PM
To: websecurity@webappsec.org
Cc: zx@castlecops.com
Subject: [WEB SECURITY] Web Hacking Incident: PayPal Phishing Site
Exploits Google XSS Vulnerability


Since Paul missed our list, I'm forwarding his very interesting e-mail
regarding a Google XSS vulnerability exploited for phishing.

~ Ofer

-----Original Message-----
From: Paul Laudanski [mailto:zx@castlecops.com]
Sent: Wednesday, January 11, 2006 7:52 AM
To: bugtraq@securityfocus.com; vuln@secunia.com;
webappsec@securityfocus.com
Cc: reportphishing@antiphishing.org
Subject: PayPal Phishing Site Exploits Google XSS Vulnerability

There is a new PayPal phishing site that is crafty and cunning in
attempting to hide its true address from the surfer. Unsuspecting users
might fall for this devious trickery. It is thru a Google XSS attack
that
the phishing site uses to begin its lure and deception of the surfer.
Read
full details and watch the entire captured video of this scam here:

http://castlecops.com/a6460-PayPal_Phishing_Site_Exploits_Google_XSS_Vul
nerability.html

( short: http://castlecops.com/article-6460-nested-0-0.html )

--
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com



------------------------------------------------------------------------
-
This List Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. See for yourself.
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
------------------------------------------------------------------------
--


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/




-R http://ha.ckers.org/xss.html

-------------------------------------------------------------------------
This List Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PayPal Phishing Site Exploits Google XSS Vulnerability, Stelian Ene
Next by Date:  Administrivia: Good news, everyone. Adverts are now distinct, Andrew van der Stock
Previous by Thread:  PayPal Phishing Site Exploits Google XSS Vulnerability, Paul Laudanski
Next by Thread:  RE: [WEB SECURITY] Web Hacking Incident: PayPal Phishing Site Exploits Google XSS Vulnerability, dpw
Indexes:  [Date] [Thread] [Top] [All Lists]