"Haifei Li" <[email protected]> wrote: > This is a copied version of my blog post, original version > http://justhaifei1.blogspot.com/2015/10/watch-your-downloads-risk-of-auto.html. > Probably it's commonly known that when you try to download > something on your modern browser e.g. Google Chrome or > Microsoft Edge, the file will be downloaded automatically to > your local system with just a simple clicking - no need for > additional confirmations. With default settings, the file > will be downloaded to your "Downloads" folder > ("C:\Users\<username>\Downloads"). > Personally, I have worried about this feature quite some times, > now I finally got some time on highlighting this. (Please tell > me if there's someone already talked about this,
Of course somebody wrote and talked about this already: <http://blog.acrossecurity.com/2012/02/downloads-folder-binary-planting.html> <http://blog.acrossecurity.com/2012/04/adobe-reader-x-1012-msiexecexe-planting.html> <http://blog.acrossecurity.com/2010/09/binary-planting-goes-exe.html> <https://www.it.uu.se/edu/course/homepage/sakdat/ht05/assignments/pm/programme/DLL_Spoofing_in_Windows.pdf> <https://cwe.mitre.org/data/definitions/426.html> <https://cwe.mitre.org/data/definitions/427.html> > I quickly googled around and wasn't able to find an appropriate > one, I think it should be known by many ppl). You can read a little bit more about this weakness and the resulting vulnerabilities on <http://home.arcor.de/skanthak/sentinel.html> stay tuned Stefan JFTR: <iframe src="url"> is HTML, not JavaScript. JavaScript is also not necessary to redirect to the download page of some morons who still expect their unsuspecting users to download and RUN an *.EXE to install their soft^Wcrapware: 1. <META HTTP-Equiv="refresh" content="5; URL="..."> exists; 2. Windows' native package format is *.MSI! _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
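Added example (not part of either post above) showing the CWE-426/427 point in a simplified Python model of the Windows loader's default DLL search order: a library loaded by bare name resolves to the application's own directory first, so a file planted in Downloads beside a downloaded installer wins over the copy in System32, while a process restricted to the system directory (as SetDefaultDllDirectories with LOAD_LIBRARY_SEARCH_SYSTEM32 does) is unaffected. The paths, the name `sample.dll` and the `FAKE_FS` listing are constructed; KnownDLLs, manifests and the 16-bit system directory are deliberately left out of the model.

```python
import ntpath

# Constructed file listing (lower-case Windows paths) standing in for a real
# disk: an installer in Downloads next to a planted DLL whose name matches a
# library the installer loads by name and expects from the system directory.
FAKE_FS = {
    r"c:\users\alice\downloads\setup.exe",
    r"c:\users\alice\downloads\sample.dll",   # planted copy (constructed name)
    r"c:\windows\system32\sample.dll",        # legitimate copy
    r"c:\windows\system32\kernel32.dll",
}

APP_DIR = r"c:\users\alice\downloads"         # where setup.exe was started from
SYSTEM_DIR = r"c:\windows\system32"
WINDOWS_DIR = r"c:\windows"
PATH_DIRS = [r"c:\windows", r"c:\windows\system32"]
LIBRARY_SUFFIXES = (".dll", ".ocx", ".cpl")


def default_search_order(app_dir, cwd, path_dirs=PATH_DIRS):
    """Simplified SafeDllSearchMode order for LoadLibrary("x.dll"): the
    application directory is searched BEFORE the system directory.
    Model assumption: KnownDLLs, manifests and the 16-bit dir are omitted."""
    return [app_dir, SYSTEM_DIR, WINDOWS_DIR, cwd, *path_dirs]


def restricted_search_order():
    """Order once a process opts in to LOAD_LIBRARY_SEARCH_SYSTEM32 only:
    the application directory is no longer consulted."""
    return [SYSTEM_DIR]


def resolve_dll(name, order, fs=FAKE_FS):
    """Return the path the loader would pick for `name`, or None if absent."""
    for directory in order:
        candidate = ntpath.join(directory, name).lower()
        if candidate in fs:
            return candidate
    return None


def loose_libraries(directory, fs=FAKE_FS):
    """Audit helper: library files lying directly in `directory` (e.g. the
    Downloads folder). Any such file is a planting candidate."""
    directory = directory.lower().rstrip("\\")
    return sorted(p for p in fs
                  if ntpath.dirname(p) == directory and p.endswith(LIBRARY_SUFFIXES))


if __name__ == "__main__":
    print("default  :", resolve_dll("sample.dll", default_search_order(APP_DIR, APP_DIR)))
    print("restricted:", resolve_dll("sample.dll", restricted_search_order()))
    print("loose libs:", loose_libraries(APP_DIR))
```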
