"I'm not bad. I'm just drawn that way." (Jessica Rabbit in Who Censored Roger Rabbit?) Per fortuna Firefox è software libero: c'è la speranza che qualche sviluppatore faccia un fork. m.c. In data giovedì 13 settembre 2018 00:13:03 CEST, Giacomo Tesio ha scritto:
Salve, e' stato pubblicato un nuovo exploit del bug che ho recentemente segnalato a Mozilla e Google.
Basically any old webpage can perform local network host discovery on you.
To implement this I made a webpage which attempts to load images from addresses 192.168.1.x. If you watch in the browser console it’ll show either net::ERR_CONNECTION_REFUSED for a host that’s up or net::ERR_ADDRESS_UNREACHABLE for a host that doesn’t exist. This is a CORS error which the javascript on the webpage is not allowed to differentiate by catching. But one error takes 3 ms to happen and the other takes 3 seconds! [...] A related thing a webpage in your browser might do is connect to localhost and control any unauthenticated local services. Taviso used this to great effect here https://github.com/spesmilo/electrum/issues/3374
https://rain-1.github.io/in-browser-localhostdiscovery
E con questo siamo a 2 exploit che vanificano firewall e proxy aziendali. E io ne ho descritti altri nel bug report!
E Mozilla tace. Io sono allibito.
Ricordate "this is the Web functioning as desinged"!
Giacomo