Posts by Inferno

4 publicly visible posts • joined 21 Jul 2009

IE bug leaks private details from 50m PDF files

Inferno
Welcome

Some answers...

@Sven, a better example without the footer is

http://www.oregon.gov/OMD/OEM/plans_train/grant_info/fy2009_hsgp_investment_justification.pdf

@Mat, this does not occur in other browsers such as Chrome, Firefox, etc. Please read the article at my site.

@Anonymous Coward - By default, IE does not have any PDF printer, so to make a PDF you need to install something like Acrobat Professional, CutePDF, etc. The problem occurs when IE passes the local path in the title field while other browsers don't. The bug is also open on the Adobe side, but it is much harder to fix there since every PDF printer driver from multiple vendors would have to filter the title.
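An added example, not part of Inferno's post or the linked article: a check a publisher could run over their own PDFs before posting them, looking for the leak described above (a local path in the Title field). It assumes the Info dictionary is stored uncompressed and unencrypted; the function names and the sample bytes and paths are constructed for illustration.

```python
import re

# /Title followed by a literal string (one level of nested parentheses) or a hex string.
TITLE_RE = re.compile(
    rb"/Title\s*(?:\(((?:\\.|[^\\()]|\((?:\\.|[^\\()])*\))*)\)|<([0-9A-Fa-f\s]*)>)", re.S)
ESCAPE_RE = re.compile(rb"\\(?:([0-7]{1,3})|(\r\n|.))", re.S)
# Drive-letter path, UNC path, or file:// URL.
LOCAL_PATH_RE = re.compile(r"(?i)(?:\b[a-z]:[\\/]|\\\\[^\\/\s]+[\\/]|file://)")
SIMPLE = {b"n": b"\n", b"r": b"\r", b"t": b"\t", b"b": b"\b", b"f": b"\f"}

def _unescape(m):
    """Resolve one PDF literal-string escape (octal, line continuation, or simple)."""
    if m.group(1):
        return bytes([int(m.group(1), 8) & 0xFF])
    esc = m.group(2)
    return b"" if esc in (b"\r\n", b"\n", b"\r") else SIMPLE.get(esc, esc)

def _decode(raw):
    """UTF-16BE when a BOM is present; otherwise latin-1 as an approximation of PDFDocEncoding."""
    if raw.startswith(b"\xfe\xff"):
        return raw[2:].decode("utf-16-be", errors="replace")
    return raw.decode("latin-1")

def extract_titles(pdf_bytes):
    """Return every /Title value found in the raw bytes of a PDF."""
    titles = []
    for m in TITLE_RE.finditer(pdf_bytes):
        if m.group(2) is not None:  # hex string form <...>
            digits = re.sub(rb"\s", b"", m.group(2))
            raw = bytes.fromhex((digits + b"0" * (len(digits) % 2)).decode("ascii"))
        else:  # literal string form (...)
            raw = ESCAPE_RE.sub(_unescape, m.group(1))
        titles.append(_decode(raw))
    return titles

def leaky_titles(pdf_bytes):
    """Titles that look like a local filesystem path and should be scrubbed."""
    return [t for t in extract_titles(pdf_bytes) if LOCAL_PATH_RE.search(t)]

# Constructed sample: three Info dictionaries, two with a local path in /Title.
SAMPLE = (b"%PDF-1.4\n"
          b"1 0 obj << /Title (C:\\\\Users\\\\alice\\\\Desktop\\\\budget.htm) >> endobj\n"
          b"2 0 obj << /Title (Quarterly Report \\(final\\)) >> endobj\n"
          b"3 0 obj << /Title <FEFF0044003A005C0078> >> endobj\n")

if __name__ == "__main__":
    for title in leaky_titles(SAMPLE):
        print("local path in Title:", title)
```

Titles stored only in XMP metadata or inside compressed object streams are not covered by this scan and need a full PDF parser.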

Inferno
Thumb Up

Nicely summarized.

Hi Dave,

I don't think the explanation is incomplete. It is obvious that if you are using the print function of IE to generate the PDF, then it will use a PDF printer driver. For my site, I have to include more details as I get much more space to write. So, I think Dan summarized it nicely.

Cheers,

Inferno

Researcher raids browser history for webmail login tokens

Inferno
Thumb Up

Inferno here...

@Anonymous Coward - You should understand security before making any accusation. This token is not the session ID, but your CSRF protection token. Your session ID will be automatically sent by the browser in every request if you are authenticated. Regarding your CSS file argument, please first go and check out the proof of concept code. You won't see any hardcoded token there.

If you need real world examples, check out the last comment on the post on my site.

Inferno
Happy

Inferno here...

@Anders - No, your browser won't be frozen; that is why I put setTimeouts in the PoC. You can put some nice content in a post, or run a pirated movie site, etc. Anyway, 2min is for searching the entire key space, and an attacker might discover your token early.

@Anonymous - nice suggestion and too secure....

@Adam, nice idea, but really this attack will run on your vulnerable client, who just accidentally visits an evil site. So, it will be the poor guy going to jail. If we think more, we can work it out :)

@Sebby. LoL..

Cheers,

Inferno