New issue
Advanced search Search tips

Issue 777386 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner: ----
Closed: Oct 2017
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security:SafeBrowsing can,t block phishing sites(important issue)

Reported by shubhamb...@gmail.com, Oct 23 2017

Issue description

(Phishing pages are blocked by but not all ) my phishing pages code are undetectable  

you can try my code (this code also using zshadows.com )



<html>
<head>
<title></title>
<meta name="keywords" content="">
<meta name="description" content="">
<meta name="revisit-after" content="1000 days">
<meta name="robots" content="NOINDEX">
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, maximum-scale=1.0"/>
</head>
<frameset rows="*,3" frameborder="NO" border="50" framespacing="0">
<frame name="main" src="http://your phishing site ip or domain/">
<noframes>
<body bgcolor="#FFFFFF" text="#000000">
<a href="http://your phishing site ip or domain/">Click here to continue</a>
</body>
</noframes>
</html> 

if hacker(phisher ) using this code ,
then browser cant detect phishing site

(i think its serious issue)

 
download.png
114 KB View Download
zshadows and other phishing sites using this code from feve months for bypassing robots securityy and SafeBrowsing 

Comment 2 by kenrb@chromium.org, Oct 23 2017

Status: WontFix (was: Unconfirmed)
Thanks for the report, unfortunately this is not how SafeBrowsing works. It doesn't attempt to dynamically detect phishing sites based on their appearance, rather it blacklists specific sites that are known to be phishing users.
Project Member

Comment 3 by sheriffbot@chromium.org, Jan 30 2018

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment