1) Yup, pretty unconvincing. Though one could separate window shadows, invert the image and create what looks like a seamless background in the file-upload window.
2) Where is "here"? :) Cheerio, Chris. On Tue, Dec 14, 2010 at 10:19 PM, Michal Zalewski <[email protected]>wrote: > Hi folks, > > Two minor things that do not deserve a lengthy discussion, but are > probably mildly interesting and worth mentioning for the record: > > 1) Chrome browser is an interesting example of the perils of using > minimalistic window chrome, allowing multiple windows to be spliced > seamlessly to confuse the user as to the origin of the displayed > content. An unconvincing Windows-specific proof-of-concept: > http://lcamtuf.coredump.cx/chsplice/ > > 2) I reported this to the vendor long time ago, and could not get them > to commit to a specific fix: Safari allows windows without the address > bar and other essential chrome, akin to the behavior of other browsers > circa 10 years ago. This essentially makes all other address spoofing > vulnerabilities redundant, as the attacker has the ability to decorate > windows arbitrarily (you can look up ancient proof-of-concept exploits > for Netscape or MSIE here). > > /mz > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
