Closed
Bug 899992
Opened 11 years ago
Closed 7 years ago
PoC for cursorjacking (WebCam cursorjacking on mozilla firefox 22)
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: jordi.chancel, Unassigned)
Details
(Keywords: csectype-spoof, sec-other)
Attachments
(2 files)
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20130727 Firefox/25.0 (Nightly/Aurora) Build ID: 20130727030206 Steps to reproduce: On a special designed webpage with fash webcam control we can do a cursorjacking attack. -LET THE LEFT CLICK BUTTON PRESSED AND CLICK ON CLICKME -WebCam and microphone is enabled! Please use mozilla firefox 22 and not mozilla firefox 25a (don't work on it) you can view this video => http://www.youtube.com/watch?v=HFkx5eow9G8 if another man have reported a similare issue , he have steal my PoC (like Damien Bancal It's probably so why my PoC don't works on firefox 25a [probably fixed]) I will try to do work this PoC on firefox 25a later Actual results: Fash webcam is enabled! Expected results: the mouse is not visible and when you let press the left click and move the mouse she is not visible on the fash warning element.
|
||
Updated•11 years ago
|
Component: General → Plug-ins
|
Reporter | |
Comment 1•11 years ago
|
||
|
|
||
Comment 2•11 years ago
|
||
What version of Flash are you using? We tried this out on Linux with 22, and when the mouse pointer was over the "authorize/refuse" buttons the cursor was suddenly completely visible in the proper location.
|
|
Reporter | |
Comment 3•11 years ago
|
||
i use the lasted version of flash and on windows 7 when you let the left click pressed and move the mouse , you don't view the cursor on flash element.
|
|
Reporter | |
Comment 4•11 years ago
|
||
please use windows 7
|
|
Reporter | |
Comment 5•11 years ago
|
||
yes on linux the mouse is visible but on windows when you let the left click button pressed and move the mouse , when it is on the flash element, the mouse is totaly unvisible. PLEASE USE WINDOWS and reproduce all steps.
|
||
Updated•11 years ago
|
Flags: needinfo?(mwobensmith)
|
|
||
Comment 6•11 years ago
|
||
I cannot get either of these examples to work on FF22 or FF25. The SWF and other page elements are not aligned the same way as they are in your video, so when I click on your button, the cursor is not near the Flash webcam dialog at all... so no click there.
Flags: needinfo?(mwobensmith)
|
|
||
Comment 7•11 years ago
|
||
Jordi, after more thought, I have to ask - why is this different than any other cursorjacking examples out there? It seems that the problem of fake cursors is very well-known. http://en.wikipedia.org/wiki/Clickjacking#Cursorjacking http://blog.kotowicz.net/2012/01/cursorjacking-again.html
|
||
Updated•11 years ago
|
Group: core-security
Keywords: csec-spoof,
sec-other
Summary: WebCam cursorjacking on mozilla firefox 22 → PoC for cursorjacking (WebCam cursorjacking on mozilla firefox 22)
|
|
||
Comment 8•11 years ago
|
||
Not clear there's anything Firefox specifically can do here. This is the web being the web so we'll have to change some standards.
Status: UNCONFIRMED → NEW
Ever confirmed: true
|
||
Comment 9•11 years ago
|
||
I definitely don't see a plugin-specific issue here. Do we possibly already have a bug filed for general cursorjacking that we could dupe against?
|
||
Comment 10•10 years ago
|
||
(In reply to Daniel Veditz [:dveditz] from comment #8) > Not clear there's anything Firefox specifically can do here. We could implement a preference to ignore CSS 'cursor:none' and 'cursor:url()'? (bug 596581) Maybe dupe it there?
|
||
Comment 11•7 years ago
|
||
Resolving old bugs which are likely not relevant any more, since NPAPI plugins are deprecated.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INCOMPLETE
|
||
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•