Introduction

In December 2004, Secunia Research discovered a vulnerability that affects most browsers. A malicious web site can exploit it to hijack a named browser window, regardless of which web site is the true "owner" of the window. Let us hijack the window "Internet_Bankieren" from www.postbank.nl. (This no longer works on recent browsers.)

Below you find three links to the page http://www.postbank.nl/.

The first - no tricks here.

Click and see - yes, this is the postbank. Click on "Log in" (upper right). See - yes, the correct Login window. Close these windows again.

The hijack

Click the first link if you have a pop-up blocker enabled, or the second link if you do not have a pop-up blocker enabled.

With Pop-up Blocker
Without Pop-up Blocker

You get the same page http://www.postbank.nl/ again, but this time we plan to hijack it. Click the Login link on that page. If your browser is vulnerable, then the login page will be replaced by a fake one. If you want to try again, please refresh this page.
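The name lookup behind this hijack, as a simplified model added here (it is not this page's source and not any browser's code): a vulnerable browser resolves a window name globally, so a second `window.open` with the same name navigates the bank's login window. The `Browser` class, the `demo.example` origin, the login placeholder path and the scoped policy in `mayTarget` are assumptions made for illustration.

```javascript
// Simplified model of named-window targeting (constructed; not a real browser API).
class Browser {
  constructor(scopedLookup) {
    this.scopedLookup = scopedLookup; // false = vulnerable: names resolved globally
    this.windows = [];
  }

  // Models window.open(url, name) called from `opener` (null = opened by the user).
  open(opener, url, name) {
    const origin = new URL(url).origin;
    const existing = this.windows.find(
      (w) => w.name === name && this.mayTarget(opener, w)
    );
    if (existing) {
      // Name reuse: the existing window is navigated in place and keeps its name.
      existing.url = url;
      existing.origin = origin;
      return existing;
    }
    const win = { name, url, origin, opener };
    this.windows.push(win);
    return win;
  }

  mayTarget(caller, target) {
    if (!this.scopedLookup) return true; // vulnerable: any page may target any name
    // Assumed hardened policy: only a same-origin page or the direct opener.
    return caller !== null &&
      (caller.origin === target.origin || target.opener === caller);
  }
}

function runScenario(scopedLookup) {
  const browser = new Browser(scopedLookup);
  const demo = browser.open(null, "https://demo.example/", "demo");
  const bank = browser.open(demo, "http://www.postbank.nl/", "bank");
  // Placeholder path: the real login URL is not given on this page.
  const login = browser.open(bank, "http://www.postbank.nl/LOGIN-PLACEHOLDER",
                             "Internet_Bankieren");
  // The demo page now requests the same window name with its own URL.
  browser.open(demo, "https://demo.example/fake-login", "Internet_Bankieren");
  return { loginOrigin: login.origin, windowCount: browser.windows.length };
}

console.log("global lookup:", runScenario(false));
console.log("scoped lookup:", runScenario(true));
```

With the global lookup the login window ends up on the demo origin while still carrying the bank's window name; with the scoped lookup the request opens a separate fourth window and the login window is untouched.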

Exercise

Read the page source and understand what happens.