Nah, it's not that easy. The browser needs to think it's talking to www.amazon.com for the Amazon cookie to show up.
Not downplaying the bug -- it's a problem -- but it's not THAT problem.

On Nov 9, 2009, at 11:32 PM, [email protected] wrote:

> On Mon, 09 Nov 2009 15:50:40 PST, "Rob, grandpa of Ryan, Trevor,
> Devon & Hannah" said:
>> Ummmm, are we missing something? As far as I can see, this affects
>> *any* kind of e-commerce, but I'm not seeing much discussion on it ...
>
> Yeah, it affects pretty much any SSL or TOS, so yes, basically all
> e-commerce.
>
> It's however mitigated by the requirement that you be able to MITM
> the connection.
> So, if you wanted to run this attack against my visit to www.amazon.com,
> you need to get me to visit your attack host instead of www.amazon.com.
> You might be able to pull a DNS trick, or you might be able to use an HTML
> e-mail that contains cruft like:
>
> <this-is-an-a href=www.my-rbn-malware.com> www.amazon.com </a>
>
> So there's a few preconditions that raise the bar a bit.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
