Windows 7 Forums


Windows 7: Yahoo Babelfish - Possible Frame Injection Attack - Des

21 Dec 2009   #1

Yahoo Babelfish - Possible Frame Injection Attack - Des

Yahoo Babelfish is an online service for translating content into different languages. A stringent design bug leads to the possibility of conducting FRAME injection attacks in the context of the yahoo domain, thereby resulting in third party attacks. The issue has been demonstrated in some of my recent conferences. The flaw can be summed up as:

1. There is no referrer check on the origin, i.e. the source of the request.
2. Direct links can be used to send requests.
3. Iframes can be loaded directly into the context of the domain.

Points to Ponder
1. Yahoo login Page – performs certain checks, authorized ones.
2. Yahoo implements FRAME Bursting in the main login Page.

It is possible to remove that small piece of code and design a similar page with same elements that can be used further. It is possible to impersonate the trust of primary domain (YAHOO in this case) for legitimate attacks. There is a possibility of different attacks on YAHOO users.

Note: no specific notification is displayed on the top of the translated page.

An attacker can conduct a FRAME attack by following the steps mentioned below:

1. Remove the above stated entities code from the main Login Page.
2. Design the fake domain. Load in the context of Yahoo domain
3. Inline IFRAME provides a familiar fake Login page.
4. Set the backdoor in the Login input boxes for stealing credentials.
5. Trap the victims by diversifying the manipulated URLs on the Web. One can use dedicated spamming.
6. The attack is all set to work.

Step 1: Injecting IFRAME - Modified

Step 2 – Stealing Credentials

Aditya K Sood's (0kn0ck) Blog: Yahoo Babelfish - Possible Frame Injection Attack - Design Stringency
This attack works successfully. This is a demo setup. You can try some credentials and try to login.
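The two weaknesses the post identifies (no origin check on the translation endpoint, and frame protection that lives only in page JavaScript which a copied page can drop) map onto two server-side controls. The example below is added for this page and is not Yahoo's code nor the author's demo; the host names, the `handle_translate` handler and the sample headers are constructed assumptions.

```python
"""Defensive controls for a translation/proxy endpoint.

Added illustration for this thread; not Yahoo's code. Host names, headers
and the handler are constructed assumptions.
"""
from urllib.parse import urlsplit

# Assumption: the only hosts allowed to originate requests to the endpoint.
ALLOWED_HOSTS = {"babelfish.example.test", "www.example.test"}


def _get_header(headers, name):
    """Case-insensitive header lookup over a plain dict of request headers."""
    wanted = name.lower()
    for key, value in headers.items():
        if key.lower() == wanted:
            return value
    return None


def origin_allowed(headers, allowed_hosts=ALLOWED_HOSTS):
    """Return True only if Origin (preferred) or, failing that, Referer names
    an allowed host. A missing or opaque ('null') value is rejected, so the
    "no referrer check" gap in the post is closed by default."""
    for name in ("Origin", "Referer"):
        value = _get_header(headers, name)
        if value:
            host = urlsplit(value).hostname  # None for 'null' or junk values
            return host is not None and host.lower() in allowed_hosts
    return False


def anti_framing_headers():
    """Server-enforced replacement for in-page frame-busting script: the
    browser honours these on the response itself, so omitting JavaScript
    from a copied page does not bypass them."""
    return {
        "X-Frame-Options": "DENY",
        "Content-Security-Policy": "frame-ancestors 'none'",
    }


def handle_translate(headers):
    """Constructed mini handler: (status, response_headers).
    Requests from unknown origins are refused; every response, including the
    refusal, carries the anti-framing headers."""
    if not origin_allowed(headers):
        return 403, anti_framing_headers()
    return 200, anti_framing_headers()


if __name__ == "__main__":
    # Constructed sample requests: one legitimate, one framed from elsewhere.
    print(handle_translate({"Origin": "https://babelfish.example.test"})[0])
    print(handle_translate({"Referer": "https://other.example/frame.html"})[0])
```

Origin and Referer are easy to omit or forge from a non-browser client, so the check only narrows the browser-driven cases the post lists (direct links, framing); the `frame-ancestors` / `X-Frame-Options` headers are the control that actually stops the page from being loaded inside a third-party iframe, and a `Referer` query string that merely contains the trusted host name (as in the second sample) is still rejected because only the parsed hostname is compared.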
