HTTP Authentication Spoof on Firefox for iOS & Android
Categories
(Firefox :: Security, defect)
People
(Reporter: frozzipies, Unassigned)
Details
(Keywords: reporter-external, Whiteboard: [client-bounty-form])
Summary & Details
This vulnerability occurs when there is a condition under which the browser's HTTP authentication prompt can be spoofed. This means that the omnibox will show paypal.com, for example, and while the omnibox still shows paypal.com, the HTTP authentication prompt from https://eviltrap.site will appear.
Steps to Reproduce
- Access the PoC page using Firefox for iOS & Android (https://frozzipies.github.io/httpauthspoof.html)
- Press the button
- You will see that the URL omnibox shows paypal.com, and the HTTP authentication pop-up that comes from https://eviltrap.site appears while the omnibox is still on paypal.com
I've attached the PoC, source code, etc. here:
https://drive.google.com/drive/folders/1AkQv0YXYTUMr3_Y2S1bGQzQtAHFxCPIy?usp=sharing
Similar issue references:
https://issues.chromium.org/issues/40055876
Comment 1•1 month ago
Hi! Author of eviltrap.site here. I'm pretty sure this is just a copy of https://github.com/Trikolon/evil-traps/blob/master/src/traps/http-auth-spoof/index.js. You're even using my endpoint in your PoC. This is originally from Bug 791594.
Desktop has fixed this but it's possible mobile has not. This is a known issue so I don't think this bug needs to be hidden.
Updated•1 month ago
Updated•29 days ago
Comment 3•25 days ago
Can we open this up as a duplicate of bug 1631073, which is public? I'm not sure why bug https://bugzilla.mozilla.org/show_bug.cgi?id=1908869 is still hidden though.
Comment 4•25 days ago
Sounds good. I can't speak for the other bug but since this is a duplicate of a public bug we should make it public.