
Issue 749360


Issue metadata

Status: WontFix
Owner: ----
Closed: Jul 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 3
Type: Bug
Team-Security-UX




Possible MitM vector?

Reported by lucas.m....@gmail.com, Jul 27 2017

Issue description

Chrome Version       : 59.0.3071.115
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
URLs (if applicable) : https://cmom.cplex.io
Other browsers tested: Firefox 54.0.1, IE 11

What steps will reproduce the problem?
1. Visit the url https://cmom.cplex.io
2. Observe that you are redirected to https://advengr.cplex.me/


What is the expected result?
Failed certificate verification

What happens instead of that?
Redirection.

Please provide any additional information below. Attach a screenshot if
possible.

It seems like this could be used in a sneaky way to MitM people, but I haven't thought too deeply about it.

UserAgentString: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36



 
Gah this is probably due to bypassing the bad cert warning on a prior visit in the session, my bad
Labels: Needs-Milestone
Cc: pnangunoori@chromium.org
Labels: Needs-Feedback
Tested on Chrome Stable #60.0.3112.78 & Canary #62.0.3167.0 on Windows 7 and was redirected to the login page of the same URL ‘https://cmom.cplex.io/’. Attached the screen-cast for reference.

Steps followed:
1. Entered the mentioned URL ‘https://cmom.cplex.io/’.
2. ‘Your connection is not private’ error is displayed.
3. Click on ‘Advanced’ link.
4. Click on the link ‘Proceed to cmom.cplex.io (unsafe)’.
5. User is redirected further to enter login credentials.

@lucas.m.green -- Could you please follow the above steps and enter the respective credentials? If you still face issues, please provide us with login credentials to investigate the issue further.

Please let us know if we have missed anything.

Thanks in advance.

Attachment: 749360.mp4 (324 KB)
Cc: est...@chromium.org
Components: UI>Browser>Interstitials
Emily: Does the interstitial redirect code work across eTLDs? Might this explain it?

To the reporter: Can you include the list of variations listed when you load chrome://version ?

Comment 5 by est...@chromium.org, Jul 28 2017

Status: WontFix (was: Unconfirmed)
Per comment 1, it sounds like this is due to previously clicking through a certificate error, so it's WAI.

(Re comment 4, the interstitial redirect is only for hostnames that differ by a 'www' prefix, so it shouldn't come into play here.)
D'oh, I missed Comment 1 somehow. Sorry for the noise.

Comment 7 by est...@chromium.org, Jul 28 2017

No problem, I missed it on the first 3 readings as well :)
