Possible Download of .url Files for Data Exfiltration
Categories
(Firefox :: Security, defect)
Tracking
()
People
(Reporter: fazim.pentester, Unassigned)
References
Details
(Keywords: reporter-external, Whiteboard: [reporter-external] [client-bounty-form] [verif?])
Attachments
(1 file)
|
4.96 KB,
text/html
|
Details |
In Firefox it has implemented a security measure to protect users by replacing the download of ".lnk" files with ".download" extension. However, there is another file extension that is considered to be more severe than ".lnk", which is the ".url" extension.
A ".url" file, also known as a URL shortcut, is a type of link file that points to a web page or other resource on the internet. These files can be created by the user or by an application, and can be used to quickly access a specific webpage. However, if a ".url" file is maliciously created by an attacker, it can contain a script or other code that will execute automatically when the file is opened. This can lead to the execution of malware, the stealing of personal information, or other malicious activity.
hence made a POC which uses this method by convincing the user to save and upload the saved file for data exfiltration.
|
||
Updated•2 years ago
|
|
||
Updated•2 years ago
|
|
|
||
Comment 2•1 year ago
|
||
Congratulations, we have awarded a bug bounty for this issue. The award is split with bug 1809923 since it was filed within the "collision window" defined in our bug bounty policy.
|
||
Updated•1 year ago
|
|
|
||
Updated•8 months ago
|
|
||
Updated•27 days ago
|
Description
•