Oh my god why isnt it working
Web page spoofing vulnerability:
• Like the vulnerability above, this vulnerability would not provide any way to force users to the attacker's web site, and DNS poisoning or other measures would likely be required to exploit it.
• Any hyperlinks within the page would correctly show the target. As a result, the attacker would need to point these to bona fide locations on the spoofed web site, with the result that the attacker would likely only be able to spoof a single web page, rather than an entire site.
Variants of "Frame Domain Verification" vulnerability:
• The vulnerability could only be used to read - not add, delete or change files.
• The attacker would need to know the exact name and location of every file he wished to read.
• The vulnerability could only be used to read file types that can be opened within a browser window - for example, .htm, .txt or .doc files, but not .exe or .xls files.
• Like the vulnerability above, this vulnerability would not provide any way to force users to the attacker's web site, and DNS poisoning or other measures would likely be required to exploit it.
• Any hyperlinks within the page would correctly show the target. As a result, the attacker would need to point these to bona fide locations on the spoofed web site, with the result that the attacker would likely only be able to spoof a single web page, rather than an entire site.
Variants of "Frame Domain Verification" vulnerability:
• The vulnerability could only be used to read - not add, delete or change files.
• The attacker would need to know the exact name and location of every file he wished to read.
• The vulnerability could only be used to read file types that can be opened within a browser window - for example, .htm, .txt or .doc files, but not .exe or .xls files.
Comments