Tremulous Forum
Community => Off Topic => Topic started by: Warrior on July 11, 2007, 01:13:05 am
-
If you use Windows and have Firefox installed, close Firefox, open Internet Explorer, browse this topic and Click Here (http://firefoxurl://test%7Cwarrior.memebot.com/).
Thanks.
-
rofl, or wine.
-
works, but makes a shitload of annoying popups, and makes you use that pos browser.
-
k so i opened that link w/ Safari on my windows xp pro pc. all it did was open a lot of tabs in firefox??
-
Ok. I'll tell why I posted it...
In fact, it is a vulnerability that involves mainly Firefox but also IE (or other browsers).
"Firefox 'firefoxurl' URI Handler Registration Vulnerability"
This allows applications which render HTML (like Internet Explorer) to spawn an instance of Firefox.
The danger arises when parameters that are part of the firefoxurl: are passed directly to the Firefox.exe as options, without validation.
By using the firefoxurl URI, it is possible to use Internet Explorer (or other windows based browsers) to launch FireFox and immediately launch Javascript Code.
It is also possible to create a user profile, load arbitrary firefox options, and install global extensions, all without user consent.
Attacks using the firefoxurl URI will probably be initiated through the use of XSS or CSRF
Although these examples are very simple, other, more malicious attacks can probably be initiated
More info: http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.html and http://secunia.com/advisories/25984
@Kage Mane: in Safari, type in the address bar: firefoxurl:test|warrior.memebot.com
-
To clarify the things a bit... and before someone think I'm posting harmful things...
1. The link on the first post will simply open Firefox with a tab showing my website (it is a clean site, xhtml1.0 validated, and you can download the best map: Labyrinth... joking, that's not the best map... and my HUD (this is the best available Hud though)).
2. In the above post I put the public links to where that vulnerability is described. It's a public published vulnerability.
3. I post because:
a. It's a little funny (the fact we can open a page in FF from inside IE);
b. To alert you, forum users, from this danger;
c. To say: "Firefox is not perfect HaHaHa" :P
4. If you use Opera, it will show a dialog before you click the link! Opera rules!
-
it did nothing
it asks to launch firefox that is all
-
Firefox|iceweasel does nothing.
It does not even know the protocol...
-
Actually the problem is that IE lets you open those links in FF (And execute JS in FF, launching it from IE) and maybe lets you gain extra privileges in the OS (Well, anything is possible with windoze :roll: ).
Mozilla is about to remove it from the following release.
To fix this "bug":
(Finnish version, from CERT-FI (aka Viestintävirasto))
1.) Käynnistä rekisterieditori seuraavasti: valitse Käynnistä (Start),
valitse Suorita (Run), kirjoita "regedt32" ja paina OK
2.) Etsi rekisterieditorilla seuraava
rekisteriavain: "HKEY_CLASSES_ROOT\FirefoxURL"
3.) Klikkaa "FirefoxURL" -rekisteriavainta hiiren oikealla näppäimellä
ja valitse Poista (Delete) tai Nimeä uudelleen (Rename)
4.) Toista kohdat 2 ja 3 "HKEY_CLASSES_ROOT\FirefoxHTML"
ja "HKEY_CLASSES_ROOT\Firefox.URL" -avaimille
Quick and short translation:
1. Open regedit (Start -> Run -> regedit)
2. Find HKEY_CLASSES_ROOT\FirefoxURL
3. Click "FirefoxURL" with right mouse button -> choose Delete
4. Do stages 2 and 3 for "HKEY_CLASSES_ROOT\FirefoxHTML"
and "HKEY_CLASSES_ROOT\Firefox.URL" aswell.
Based on CERT-FI security alert (CERT-FI security mailinglist, today 09:23)