Avast WEBforum

Other => General Topics => Topic started by: bob3160 on July 31, 2004, 04:54:56 AM

Title: SpoofStick For IE and FireFox
Post by: bob3160 on July 31, 2004, 04:54:56 AM
What is SpoofStick?
SpoofStick is a simple browser extension that helps users detect spoofed (fake) websites. A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL.
Get all the info and the program at the following URL:
http://www.corestreet.com/spoofstick/ (http://www.corestreet.com/spoofstick/)
Hope it helps. :)
Title: Re:SpoofStick For IE and FireFox
Post by: DavidR on July 31, 2004, 01:13:48 PM
I have it on firefox 0.9.2 and it doesn't fill me with confidence as it is easy to spoof the SpoofStick.

Yes it trys to identify the origin of the true website, but I found a simple exploit of SpoofStick totally invalidating this check.

I regularly visit a website, using a URL domain redirect. I type the friendly short domainname.com and it redirects you to thenotsofriendlyllongdomainname.com website, directory and page.html, etc.

How? the redirect can use frames as the redirect so the website opens inside a frame that appears to be the domain that you typed but it has been redirected. This in hosting terms is known as URL masking and negates SpoofStick.

When you enter a domain check the status bar at the bottom left of the browser window and you can see the path to the true website, where it is downloading images and web pages, etc.

SpoofStick is useful, just don't think it is 100% and carry out the above check when visiting websites from webpage or email links.
Title: Re:SpoofStick For IE and FireFox
Post by: bob3160 on July 31, 2004, 01:53:20 PM
Thanks DavidR
For your full explanation.
Title: Re:SpoofStick For IE and FireFox
Post by: Eddy on July 31, 2004, 02:12:21 PM
Can one of you tell me the entries this application creates in HijackThis so I can add it to the database? Thanks in advance!
Title: Re:SpoofStick For IE and FireFox
Post by: DavidR on July 31, 2004, 05:54:21 PM
Hi Artras,

Using Firefox with spoofstick as an extension, I can't see anything in my very small hijackthis.log.

I can't see any other extensions I'm using in firefox either.

Don't know if this would be different for IE of IE base browsers.