Google's Chrome browser has been marred by yet another vulnerability, this one allowing attackers to impersonate websites of groups like the Better Business Bureau, PayPal or, well, Google. Researcher Liu Die Yu of the TopsecTianRongXin research lab in Beijing says the spoofing vulnerability is the result of faulty code inserted …
Erm no, it is a vulnerability, and it is there.
El Reg has just linked to the proof of concept incorrectly.
Correct proof of concept link:
(e.g. lose the 'bye.html' off the end)
Then click the BBB logo presented to open a popup with a bbb.org 'address' and his own content.
Perhaps they already fixed it?
Try this address: http://liudieyu.com/kissofthedragon.32168816196486005/
Click the button to "verify" with the bbb and you should see the exploit in a pop up window.
story updated to correct link
Designed for insecurity?
So do we get the impression that security is designed into Chrome through its architecture, or do we get the impression that it's an implementation add-on which depends on its programmers noticing the vulnerabilities?
And the cartoons made it look so good.
That's the last time I get taken in by a bunch of etchings.
We all Fail
People actually use Chrome?
Not Webkit issue?
Quote from Liu Die Yu who found this - "I don't see Apple Safari vulnerable in the same way," he writes in an email to The Register. "They share the same engine (webkit)."
Chrome uses v525.13 of Webkit, Safari uses v525.19. I haven't tested in Safari, but I have tried the POC page in Iron, the fork of Chrome from SRWare which also uses v525.19 of Webkit; it gets an alert for bbb.org that is 'undefined' and if you OK this you get what appears to be the correct page.
Maybe it is a Webkit issue. Can anyone who has the developer version 0.3.154.3 of Chrome say what version of Webkit this uses?
Last I checked
...this was still in beta. Exactly when bugs should be caught. Surely no-one's using this browser for anything other than testing at the moment?
Also works on
I use version 0.2.149.30 and it didn't work for me. I can see the normal URL in the address bar. Not Phished.
Just tried this in Opera and it's the same.