Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more
-
Example: Open this in Edge with your popup blocker enabled:
-
@ben_lubar FWIW, looks like part of that is "fixed" now...
-
@sloosecannon said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@ben_lubar FWIW, looks like part of that is "fixed" now...
http://unsafe.cracking.com.ar/demos/edgeprotocols/popups.html tells a different story.
-
@ben_lubar Hmm, yep, that worked
-
To be fair, this is still IE. I would expect nothing less.
-
@dangeRuss No, no, no! It's Edge! That's a totally other thing completely!
-
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss No, no, no! It's Edge! That's a totally other thing completely!
So like a clean rewrite of IE with all the same mistakes repeated?
-
@dangeRuss I heard they were going to call it CADT but the marketing guy is a huge U2 fanboi.
-
@dangeRuss said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss No, no, no! It's Edge! That's a totally other thing completely!
So like a clean rewrite of IE with all the same mistakes repeated?
All in the name of "users don't like confirmation popups".
Just like my boss told me to auto-save changes to roster on webpages... the user may accidentally changed their roster without realize it... thinking closing it will be safe.
-
@cheong said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss No, no, no! It's Edge! That's a totally other thing completely!
So like a clean rewrite of IE with all the same mistakes repeated?
All in the name of "users don't like confirmation popups".
Just like my boss told me to auto-save changes to roster on webpages... the user may accidentally changed their roster without realize it... thinking closing it will be safe.
I don't understanded.
-
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
CADT
CADT would be a nice name for a Firefox fork.
-
@kt_ said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@cheong said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss No, no, no! It's Edge! That's a totally other thing completely!
So like a clean rewrite of IE with all the same mistakes repeated?
All in the name of "users don't like confirmation popups".
Just like my boss told me to auto-save changes to roster on webpages... the user may accidentally changed their roster without realize it... thinking closing it will be safe.
I don't understanded.
Generally, if there is something that users normally won't want to change, and the change will be made permanently, you don't add auto-save feature there.
Much like the "Adjust date/time" dialog box in WinXP, but at least you have to click OK to get the changed date applied to the system, not got auto-saved as you change the month.
-
@sloosecannon I've filed a bug in Feedback Hub App. See how long would it take to fix this.
-
@cheong said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@kt_ said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@cheong said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dangeRuss No, no, no! It's Edge! That's a totally other thing completely!
So like a clean rewrite of IE with all the same mistakes repeated?
All in the name of "users don't like confirmation popups".
Just like my boss told me to auto-save changes to roster on webpages... the user may accidentally changed their roster without realize it... thinking closing it will be safe.
I don't understanded.
Generally, if there is something that users normally won't want to change, and the change will be made permanently, you don't add auto-save feature there.
Much like the "Adjust date/time" dialog box in WinXP, but at least you have to click OK to get the changed date applied to the system, not got auto-saved as you change the month.
Ah, you mean like in Win95/98? That was *annoying*(1). At least 7 and 10 do it right, allowing me to look at different months without farking the date (and the summer/winter time thing, if the month-change crossed the boundary...).
(1) But not as annoying as MarkDown. (Really, guys, if I type stars around something, it's because I want there to be stars around it, not because I want it to be italic(2).)
(2) Especially when it ends up being oblique and not italic.
-
@Steve_The_Cynic said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
Especially when it ends up being oblique and not italic.
Font choice fascist!
-
@dkf said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@Steve_The_Cynic said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
Especially when it ends up being oblique and not italic.
Font choice fascist!
It's a sideways reference to the "Italic" option in most font APIs, which selects an italic version of the typeface selected, if there is one, or fakes up an oblique (leaning-over) version of the base typeface if there isn't one. The key point is that a true "italic" typeface does not look like an oblique version of its base one (so it would be possible to have, say, Times New Roman and Times New Italic(1) and Times New Oblique as separate typeface files, except that most APIs wouldn't directly be able to cope with that, and would have to treat Times New Oblique as a different typeface altogether, leading to ... amusing (if you're amused by that sort of thing) ... results if you asked for it to be "italic". Times New Oblique Oblique FTW!
(1) Times New Roman Italic is a contradiction in terms. "Roman" is the standard "upright" version of the typeface, and "italic" is the version that looks a bit like handwriting, but only a bit, and commonly leans slightly, whence the confusion about italic versus oblique.
What I take away from all this is that, as with so many things that have their origins in pre-computer human technologies (or even post-computer ones), it is more complicated than you thought it was, even if you allowed for it being complicated.
-
I don't have a camera. Would anyone who has one like to chime in?
-
Ah right, the "Did you mean to switch apps" popup appears when trying to load it via iframe or img.
windows.open
will show a toast saying a popup was blocked and asking whether to open it.
But it won't show the URL, because it's not like anyone would try to open a URL outside the domain hosting the page, would it? Pssht, of course not.
-
@ben_lubar said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
E_NOREPRO_FF22
http://i.imgur.com/C94earn.png
Once again, FF22 FTW!
-
@Lorne-Kates Are you on Windows 10?
-
@RaceProUK said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@Lorne-Kates Are you on Windows 10?
Not at work. I haven't killed W10 at home yet, so I guess I can try it.
-
@Lorne-Kates said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@RaceProUK said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@Lorne-Kates Are you on Windows 10?
Not at work. I haven't killed W10 at home yet, so I guess I can try it.
Sidenote: W7 FTW!
-
Welp, I'm convinced. This ad says it's safer so this thread must be wrong. Shame on you all for spreading such malicious lies!
-
@Dreikin said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
Welp, I'm convinced. This ad says it's safer
There is only one safe browser: This one
-
@TimeBandit pretty sure the early Mosaics are safe too these days.
-
@Arantor said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
pretty sure the early Mosaics are safe too these days
extra safe if you run them on windows 95
-
@Arantor said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@TimeBandit pretty sure the early Mosaics are safe too these days.
Pffff. For extra security, download the page with wget and parse the html yourself in vim
-
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
extra safe if you run them on windows 95
In a VM, with no network access.
-
@TimeBandit said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
parse the html yourself in vim
vim might have sploits
prolly better off using ed
-
@flabdablet You're a smart human being, parse it yourself
-
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
vim might have sploits
prolly better off using ed
If you are so paranoid, cat | more
-
@TimeBandit I'm not
-
@Arantor said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@TimeBandit I'm not
Of course, would never use vim. (at least, he would never confess using it)
-
@TimeBandit no, but he doesn't have a web browser installed either, he uses wget!
-
@flabdablet said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@Arantor said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
pretty sure the early Mosaics are safe too these days
extra safe if you run them on windows 95
In 2000 or thereabouts, Windows 95 OSR2 (the one with IE3, ffs) found its way onto a machine that was in my care. I wanted to pull down a less antique browser, so went to Microsoft to grab a suitable download of IE4.
I couldn't get in because Bill's Boys had removed the ability to understand HTTP/0.9 from their Web server.
-
@TimeBandit said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@Arantor said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@TimeBandit pretty sure the early Mosaics are safe too these days.
Pffff. For extra security, download the page with wget and parse the html yourself in vim
Nope.
- Set up a box.
- Set up a VM on the box.
- This box will be completely firewalled from the entire network, and will only be allowed access to 80 and 443
- When you want a webpage, you type in the page name into a text file in an specific format.
- You then put that text file onto a USB key
- The USB key is set to READ ONLY
- That USB key is plugged into the box.
- The box copies the file into the VM.
- The VM runs lynx and gets the webpage, streaming it byte-by-byte to disk (to prevent any sort of memory buffer overrun attack on the VM's host)
- Once the file is downloaded, it will send it to a raw printer port
- That will be attached to a dot-matrix printer that is not Internet connected. The printer's firmware will have been completely vetted. There is no way of updating the firmware.
- The printer now prints out the HTML
- You may review the HTML on the webpage. Scrap paper will be provided if you need to work out any css or javascript by hand.
- The VM is wiped clean and restarted, removing any potential of malicious code from the wget command.
- The USB key is set to "READ/WRITE". It is triple-zeroed out and formatted.
(Note: steps 13 and 14 may be replaced with "USB drive is shredded, and you use a new one for the next request". I'm sure you can buy a landfill-worth of 64MB drivers for $5)
-
@Lorne-Kates You win the "Most Paranoid Award"
FileUnder: where can I get an internet-connected dot-matrix printer ?
-
-
@Lorne-Kates said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
Set up a box.
Set up a VM on the box.Make her open the box?
-
@Steve_The_Cynic said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@dkf said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@Steve_The_Cynic said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
Especially when it ends up being oblique and not italic.
Font choice fascist!
It's a sideways reference to the "Italic" option in most font APIs, which selects an italic version of the typeface selected, if there is one, or fakes up an oblique (leaning-over) version of the base typeface if there isn't one. The key point is that a true "italic" typeface does not look like an oblique version of its base one (so it would be possible to have, say, Times New Roman and Times New Italic(1) and Times New Oblique as separate typeface files, except that most APIs wouldn't directly be able to cope with that, and would have to treat Times New Oblique as a different typeface altogether, leading to ... amusing (if you're amused by that sort of thing) ... results if you asked for it to be "italic". Times New Oblique Oblique FTW!
(1) Times New Roman Italic is a contradiction in terms. "Roman" is the standard "upright" version of the typeface, and "italic" is the version that looks a bit like handwriting, but only a bit, and commonly leans slightly, whence the confusion about italic versus oblique.
What I take away from all this is that, as with so many things that have their origins in pre-computer human technologies (or even post-computer ones), it is more complicated than you thought it was, even if you allowed for it being complicated.
your nerd
-
@Maciejasjmj said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
@Lorne-Kates said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
Set up a box.
Set up a VM on the box.Make her open the box?
It's a dick in a box?
-
@Lorne-Kates said in Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more:
The USB key is set to READ ONLY
If this is like the "lock" on SD cards