Closed Bug 1312874 Opened 3 years ago Closed 2 years ago

Using Modal http auth dialog to DoS browser

Categories

(Firefox :: Security, defect, P3)

defect

Tracking

()

RESOLVED DUPLICATE of bug 377496

People

(Reporter: hwine, Unassigned, NeedInfo)

Details

Attachments

(1 file)

A friend stumbled on hlelo[.]com/<magic_path> from a link purporting to go to youtube. It opens a page with scary stuff about your PC being damaged - (even on a Mac) with a phone number to call - typical scam. However, the user can easily be trapped with no effective way to return to normal browser usage.

Can be reproduced in both Nightly (52), beta (50), and release (49) with new profile.

STR:
 1. start browser with fresh profile
 2. go to "bad url" (see attachment)

What Actually Happened:
 - page is displayed with basic auth modal dialog
 - submitting or dismissing leads to immediate re-display of basic auth dialog
 - No normal menu options are available to restart in safe mode
 - No option to close tab
 - No option to close window
 - Quitting firefox works, but site is immediately reloaded on restart
 - No "normal" option to open 2nd window (but see below)

What I expected to happen:
 - have some "obvious" way to close the offending tab, and return control of the browser to me.
Workarounds:

if you're lucky: keep submitting the basic auth dialog, and trying to close the tab before the basic auth dialog re-appears.

Deterministic: disconnect from network; submit auth dialog; close tab; reconnect to network.
I've seen the likes of the reported issue before(different circumstances: malware infected computer, different browser, I was attempting to clean it), so I won't try to replicate this, but I can confirm that this is a valid bug.
Component: Untriaged → Security
Too late for firefox 52, mass-wontfix.
Blocks: eviltraps
Priority: -- → P3
Summary: DoS from Phishing Site - complicated workaround → Using Modal http auth dialog to DoS browser
The fix for this is eliminating the application-modal dialog (bug 613785)
Depends on: 613785
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 377496
is anyone who achieved this?

iframe with evil web  site can not reproduce the bug.

there is my code

<iframe src='http://10.10.99.36:8000/116.html' width="0" height="0" scrolling="no">

</iframe> 

if anyone who achieved this, please tell me .

thanks in advance!
Flags: needinfo?(hell_test)
You need to log in before you can comment on or make changes to this bug.