Firefox Master Password Dialog Weakness
Günlük Okunma : 3 | 06.10.2007
In client-side security history we've seen so many badly designed interfaces and technologies which lead to phising and several spoofing attacks (remember chrome window spoofing in IE?). Today I've noticed that Firefox Master Password Dialog is almost identical with Firefox JavaScript Prompt dialog. Potentially an attacker can show a Prompt dialog and capture the master password. Obviously this is not a big deal since this password is useless without password file and if you got the password file you can just brute-force it anyway... And again obviously it's still important bec......
In client-side security history we've seen so many badly designed interfaces and technologies which lead to phising and several spoofing attacks (remember chrome window spoofing in IE?). Today I've noticed that Firefox Master Password Dialog is almost identical with Firefox JavaScript Prompt dialog. Potentially an attacker can show a Prompt dialog and capture the master password. Obviously this is not a big deal since this password is useless without password file and if you got the password file you can just brute-force it anyway... And again obviously it's still important bec......
Arşiv
Yeni yazıları RSS ile takip edebilir ya da e-mail adresinize gelmesini sağlayabilirsiniz.
En Çok Okunan 10 Yazı | Toplam En Çok Okunan 10 Yazı | Tüm yazılar ve Makaleler