Tencent QQ Browser for iOS URL spoofing vulnerability

2015-01-04T00:00:00
ID MYHACK58:62201557680
Type myhack58
Reporter Anonymous
Modified 2015-01-04T00:00:00

Description

QQ Browser for iOS displays the page's title text in the address bar. This greatly reduces the cost of URL spoofing and may indirectly expose users to phishing attacks.

First, construct a domain name that resembles mail.qq.com. The PoC is at the following address:

http://mail.qq.com.cgi-bin.frame-html.siduz1gjqsctztfk8br0c141773e.x55.me

Then the page title is set to:

http://en.mail.qq.com/cgi-bin/loginpage

The page content itself is copied entirely from the original mail.qq.com.

Proof of vulnerability:

What the screen looks like when a victim opens the phishing page in QQ Browser for iOS and tries to log in:

[Image: 1.png]

WeChat and QQ have similar problems, which I will not screenshot, and not only on iOS but also on Android. Since they have no address bar, this cannot really be called URL spoofing there. You may want to consider whether it needs to be fixed.

[Image: 2.png]

Fix:

For a browser, I think displaying the page title in the address bar instead of the original address is unreasonable. Combined with a homoglyph attack, this type of attack could become even more subtle in QQ Browser.
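The following is an added example, not QQ Browser's code and not part of the original report, of the behaviour the fix asks for: the address bar always shows the real host, and the title is only inspected to flag a page whose title imitates another site's URL. The function names, the warning strings, the two-label registrable-domain shortcut and the small `TLD_LIKE` list are assumptions made for illustration.

```javascript
// Added example; not QQ Browser code. Assumption: the registrable domain is
// approximated as the last two labels (a real browser uses the Public Suffix List).
function registrableDomain(hostname) {
  return hostname.toLowerCase().split('.').filter(Boolean).slice(-2).join('.');
}

// Constructed heuristic list: TLD-like labels that should not appear left of
// the registrable domain (as "com" does in the PoC hostname).
const TLD_LIKE = new Set(['com', 'net', 'org', 'cn']);

// Parse a page title as a URL if it looks like one; ordinary titles return null.
function urlFromTitle(title) {
  const text = String(title).trim();
  if (text === '' || /\s/.test(text)) return null;
  const candidate = /^https?:\/\//i.test(text) ? text : 'http://' + text;
  try {
    const u = new URL(candidate);
    return u.hostname.includes('.') ? u : null;
  } catch {
    return null;
  }
}

// Decide what the address bar shows. The title is never used as display text;
// it is only inspected to raise warnings.
function addressBarState(pageUrl, pageTitle) {
  const real = new URL(pageUrl);
  const realDomain = registrableDomain(real.hostname);
  const warnings = [];
  const claimed = urlFromTitle(pageTitle);
  if (claimed && registrableDomain(claimed.hostname) !== realDomain) {
    warnings.push('title-imitates-other-origin');
  }
  const subLabels = real.hostname.split('.').slice(0, -2);
  if (subLabels.some((label) => TLD_LIKE.has(label))) {
    warnings.push('hostname-embeds-other-domain');
  }
  return { display: real.host, emphasized: realDomain, warnings };
}

// Sample input: the PoC URL and title given on this page.
const POC_URL = 'http://mail.qq.com.cgi-bin.frame-html.siduz1gjqsctztfk8br0c141773e.x55.me';
const POC_TITLE = 'http://en.mail.qq.com/cgi-bin/loginpage';
console.log(addressBarState(POC_URL, POC_TITLE));
```

For the PoC input the display text is the full x55.me hostname with `x55.me` as the emphasized part, and both warnings are raised; the genuine login URL with an ordinary title raises none.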