[WEB SECURITY] Web Hacking Incident: PayPal Phishing Site Exploits Google XSS Vulnerability

Watchfire Research security-research at watchfire.com
Wed Jan 11 10:19:14 EST 2006


Hello,

As already stated by Stelian Ene in a posting to bugtraq/webappsec
(@securityfocus.com), the PayPal phishing scam presented below exploits a
well-known redirection phishing trick via Google's redirection script.

It is important to mention that, unlike what is stated in
http://castlecops.com/article-6460-nested-0-0.html, the attack is not
based on the Cross-Site Scripting vulnerability which was recently
detected and published by Watchfire in Google's website
(http://www.securiteam.com/securitynews/6Z00L0AEUE.html).

Best regards,
	Yair Amit
	Security team
	Watchfire (Israel) Ltd.
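Yair's point is that the lure relied on an open redirector, not on script injection, so the relevant defence is on the redirect endpoint itself. The following is an added example, not code from this thread or from any of the parties named: a Python redirect-target check of the kind a redirector endpoint should apply, plus a triage helper that flags redirector-style links whose destination parameter points off-site. The host names and parameter names are constructed assumptions.

```python
from urllib.parse import parse_qs, unquote, urljoin, urlsplit

# Constructed allowlist: the only hosts our own redirector may send users to.
ALLOWED_HOSTS = {"www.example.com", "example.com"}
# Constructed list of query parameters commonly used by redirector scripts.
REDIRECT_PARAMS = ("url", "q", "u", "redirect", "next")


def is_safe_redirect_target(target, base="https://www.example.com/"):
    """Server-side check for a redirector endpoint: accept `target` only if it
    resolves (relative to `base`) to an allowlisted host over http or https.
    Handles the usual open-redirect evasions: percent-encoded input,
    protocol-relative '//host', backslash variants, user@host confusion and
    non-http schemes such as javascript: or data:."""
    candidate = unquote(target).strip().replace("\\", "/")
    parts = urlsplit(urljoin(base, candidate))
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username is not None or parts.password is not None:
        return False  # rejects the 'https://www.example.com@evil.example/' form
    return (parts.hostname or "").lower() in ALLOWED_HOSTS


def external_redirect_destination(link):
    """Triage helper for links pulled from a suspected phishing mail: if `link`
    is a redirector-style URL whose parameter names an off-site http(s)
    destination, return that destination host, otherwise None."""
    outer = urlsplit(link)
    outer_host = (outer.hostname or "").lower()
    for name in REDIRECT_PARAMS:
        for value in parse_qs(outer.query).get(name, []):
            dest = urlsplit(value.replace("\\", "/"))
            host = (dest.hostname or "").lower()
            if dest.scheme in ("http", "https") and host and host != outer_host:
                return host
    return None
```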

-----Original Message-----
From: Ofer Shezaf [mailto:Ofer.Shezaf at breach.com] 
Sent: Wednesday, January 11, 2006 2:18 PM
To: websecurity at webappsec.org
Cc: zx at castlecops.com
Subject: [WEB SECURITY] Web Hacking Incident: PayPal Phishing Site Exploits Google XSS Vulnerability


Since Paul missed our list, I'm forwarding his very interesting e-mail
regarding a Google XSS vulnerability exploited for phishing.

~ Ofer

-----Original Message-----
From: Paul Laudanski [mailto:zx at castlecops.com] 
Sent: Wednesday, January 11, 2006 7:52 AM
To: bugtraq at securityfocus.com; vuln at secunia.com;
webappsec at securityfocus.com
Cc: reportphishing at antiphishing.org
Subject: PayPal Phishing Site Exploits Google XSS Vulnerability

There is a new PayPal phishing site that is crafty and cunning in
attempting to hide its true address from the surfer. Unsuspecting users
might fall for this devious trickery. It is through a Google XSS attack
that the phishing site begins its lure and deception of the surfer. Read
full details and watch the entire captured video of this scam here:

http://castlecops.com/a6460-PayPal_Phishing_Site_Exploits_Google_XSS_Vulnerability.html

( short: http://castlecops.com/article-6460-nested-0-0.html )

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com





---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/
