permanent fix for the shmoo group exploit - the old techlifeblogged
permanent fix for the shmoo group exploit
it's been mentioned in the news and over at boing boing that there is an exploit common to non-internet explorer browsers. fixes have been posted for firefox but they don't work. below, i describe how to get your browser patched.

exploit demo:

go to http://www.shmoo.com/idn/

when you click on the link to paypal on that page it will give you a bogus result.

and if you try the link to the ssl paypal site it will even appear as if firefox is in a secure site! you get the yellow address bar and the lock and everything. pure evil.

don't worry, this is only a demo.

about the exploit:

basically this exploit takes advantage of a poor implementation of the international domain name specification. it doesn't work in ie because ie doesn't support that specification yet.

you can read more about shmoo and what they know about homograph attacks here. if you look at that site and the boing boing site i linked to above, you'll find that they both contain information about how to patch firefox. the trouble is, while the fix appears to work, once you close your browser and open it again, the patch does not take effect. even if you go back and look at about:config you'll notice network.enableidn is still marked 'false'. but if you try the exploit again you'll see it still works.

a little hack

before we start, i should emphasize that while this patch worked for me on 2 windows xp machines i can't guarantee it will work for you. the patch involves simply changing a text file so make sure you back it up beforehand.

here we go...

shut down firefox.

go to your firefox profile directory. in windows xp, it is located in c:\documents and settings\username\application data\mozilla\firefox\profiles\default.###\ . this directory is hidden. to learn how to unhide files and directories in windows xp, read this. to find it in another os, have a look at http://www.mozilla.org/support/firefox/edit#profile

find the compreg.dat file in your profile directory.

make a copy of compreg.dat and store it somewhere else in case you make a mistake in the following. just copy it to another location that you can easily find should you need to copy it back again. also, make sure you copy and don't move.

open up compreg.dat. in windows xp i used wordpad.

scroll down to the [contractids] section and look for a line similar to this one:

@mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91}

you are going to change the 1 to a 0 so the line reads:

@mozilla.org/network/idn-service;0,{62b778a6-bce3-456b-8c31-2865fbb68c91}

when you are done, go have a look at the exploit site again and you should see that firefox now returns a 'page not found' error as it should.

update 2/8/05 8:02 am pst

in the comments reader lionfire mentions that this fix isn't quite permanent because compreg.dat gets updated when you install an extension. i have just confirmed this. i'm looking further into how to make this permanent. stay tuned!

update 2/8/05 9:53 pm pst

mozillazine has a 'sticky' post at the top of their forum about this topic here. currently their workarounds are the same as what i posted here.

fyi- someone in the comments here asked about mac and from the thread there on mozillazine i saw the default mac profile can be in ~/library/application support/firefox/xxxxxxxx.default/ or ~/library/mozilla/firefox/profiles/xxxxxxxx.default/

update 2/9/05 8:38 am pst

i've written another blog entry containing a great work around using adblock. much simpler than all of the above. read it here.

[category: firefox]
this entry was posted on monday, february 07, 2005 at 9:25 pm.
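
the compreg.dat edit from the steps above, as an added example that is not part of the original post: a python script that backs the file up, changes only the idn-service line inside [contractids], and returns the value it found, so a later run shows whether an extension install reverted the edit. the function names and the sample file contents are constructed for illustration.

```python
import re
import shutil

# The contract ID line quoted in the post; group 2 is the digit the post edits.
IDN_LINE = re.compile(r"^(@mozilla\.org/network/idn-service;)([01])(,\{[0-9a-fA-F-]+\}\s*)$")

# Constructed, simplified sample (not a real compreg.dat); first section is a decoy.
SAMPLE = (
    "[OTHERSECTION]\r\n"
    "@mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91}\r\n"
    "[CONTRACTIDS]\r\n"
    "@example.invalid/constructed-service;1,{00000000-0000-0000-0000-000000000000}\r\n"
    "@mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91}\r\n"
)

def walk_lines(text):
    """Yield (in_contractids, body, eol) for every line, keeping line endings."""
    in_section = False
    for line in text.splitlines(keepends=True):
        body = line.rstrip("\r\n")
        if body.startswith("["):
            in_section = body.strip().lower() == "[contractids]"
        yield in_section, body, line[len(body):]

def idn_state(text):
    """Return '1', '0', or None (line absent) for the idn-service entry."""
    for in_section, body, _ in walk_lines(text):
        m = IDN_LINE.match(body) if in_section else None
        if m:
            return m.group(2)
    return None

def disable_idn(text):
    """Change ;1 to ;0 on the idn-service line inside [contractids] only."""
    return "".join(
        (IDN_LINE.sub(r"\g<1>0\g<3>", body) if in_section else body) + eol
        for in_section, body, eol in walk_lines(text))

def patch_file(path):
    """Run with firefox shut down. Copies the file to <path>.bak before writing.
    Returns the state found first: '1' on a re-run means the edit was reverted."""
    with open(path, encoding="latin-1", newline="") as f:
        text = f.read()
    before = idn_state(text)
    if before == "1":
        shutil.copy2(path, path + ".bak")
        with open(path, "w", encoding="latin-1", newline="") as f:
            f.write(disable_idn(text))
    return before
```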
6 comments:
using firefox 1.0.6 i have edited the about:config file network.enableidn and set it for false and also successfully edited the compreg.dat file. after having restarted the browser several times and re-booted the machine over the course of the last 24 hours (and having downloaded an extension upgrade) here's what i saw. the network.enableidn setting did not change, still user set to false. upon checking the compreg.dat file i saw that the 0 had been reset to 1. i reset it to 0 and checked the properties of the file to find they were set to archive. before saving the re-edited file i reset the file properties to read-only. i'll let you all know what happens in the next 24 hours.
the desert fox
by anonymous, at 8:33 pm
the adblock filter is nice if you're planning on idn spoofing attacks using only url's with characters outside the normal ascii range. overseas domains use special non-ascii characters that render the adblock scheme a partial fix at best. fyi.
by anonymous, at 9:18 pm
network.enableidn
boolean
determines whether to use idn (international domain name) support (http://www.mozilla.org/projects/intl/idn_mozilla.html) in the browser
true (default): enable idn support
false: opposite of the above
note: in firefox 1.0, this preference did not "stick" (see bug 261934 (https://bugzilla.mozilla.org/show_bug.cgi?id=261934)). fixed in 1.0.1.
upgrade your browser.
by anonymous, at 8:03 am
it is strange, but i think i don't have same problem as you - if i change just about:config, it works all the time.. and after restart firefox.
by anonymous, at 4:34 am
type "about:config" into the address bar and hit return. scroll down and look for the following entries:
network.http.pipelining
network.http.proxy.pipelining
network.http.pipelining.maxrequests
alter the entries as follows:
set "network.http.pipelining" to "true"
set "network.http.proxy.pipelining" to "true"
set "network.http.pipelining.maxrequests" to some number like 30. this means it will make 30 requests at once.
lastly right-click anywhere and select new-> integer. name it "nglayout.initialpaint.delay" and set its value to "0". this value is the amount of time the browser waits before it acts on information it receives. if you're using a broadband connection you'll load pages much faster now!
by anonymous, at 9:02 am
hi...i am not a schmoo, at least not yet. first i'd heard of you guys/gals. however, i heard firefox/moz. was hacked and they can even get into macs now, though i have a pc
am looking for the patch if there is one. disabling the schmooz thingy seems moot for me since i am not a member of that club.
pls advise, obviously a non tech in gainesville, fl
by anonymous, at 1:11 pm