by varenc
1262 days ago
I poked around the install page for Citibank's required software and it's pretty fascinating: https://www.citibank.co.kr/CusSecnCnts0100.act?P_name=ASTx

Some quick observations:

- That page intentionally disables right-click! Just by putting `oncontextmenu="return false"` on the `<body>` tag. This gives me flashbacks to the late 90s when this technique was used to make it harder for users to copy images or inspect HTML source. Browsers all have built-in developer tools, so it's pretty silly seeing it now.
- The JS included on that page is a mix of heavily obfuscated code[0] and completely unminified code with all the internal comments left in[1].
- I was impressed that the required software seems to support Fedora and Ubuntu/Debian as well as macOS and Windows.
- One of the installations is checked by making a JSON-P call (another old tech flashback!) to `https://lx.astxsvc.com:55921/ASTX2/hello?...`. This works because lx.astxsvc.com resolves to 127.0.0.1, so you're just hitting your localhost. Presumably the installed software checks the referer header to ensure only Citibank is making these requests.

[0] https://www.citibank.co.kr/aB-IFIZu8Pd7Zd1yjboonwGx/uYfEz6Dp...
[1] https://www.citibank.co.kr/3rdParty/wizvera/veraport/install...
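To make the localhost JSON-P mechanism concrete, here is an added example (not Citibank's, WizVera's or the commenter's code) of a minimal local-agent endpoint of the kind described above, written from the defender's side: it answers a JSON-P `hello` request only when the Referer or Origin header matches an allowlisted bank origin, and it rejects callback names that are not plain identifiers so the response cannot be turned into arbitrary script. The allowlist, the port, the response payload and the `handle_hello` / `allowed_origin` / `jsonp_body` function names are all assumptions; only the path `/ASTX2/hello` and port 55921 come from the URL quoted in the comment.

```python
"""Added example: a hardened localhost JSON-P agent endpoint (assumed design,
not the real ASTx/Veraport software)."""
import json
import re
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlparse

# Assumed allowlist of page origins permitted to query the local agent.
ALLOWED_ORIGINS = {"https://www.citibank.co.kr"}

# JSON-P callback names must be dotted JS identifiers, nothing else.
CALLBACK_RE = re.compile(r"^[A-Za-z_$][\w$]*(\.[A-Za-z_$][\w$]*)*$")


def allowed_origin(headers):
    """Return True only if the caller's page origin is allowlisted.

    A plain <script src=...> load (classic JSON-P) carries no Origin header,
    only a Referer, so Origin is checked first (fetch/XHR callers) and the
    scheme+host of Referer is the fallback. A request with neither header is
    denied: a referrer policy that strips Referer must fail closed, not open.
    `headers` may be a dict or the case-insensitive mapping http.server gives.
    """
    origin = headers.get("Origin")
    if origin is None:
        ref = headers.get("Referer")
        if ref:
            p = urlparse(ref)
            if p.scheme and p.netloc:
                origin = f"{p.scheme}://{p.netloc}"
    return origin in ALLOWED_ORIGINS


def jsonp_body(callback, payload):
    """Build `callback(<json>);`, refusing non-identifier callback names."""
    if not CALLBACK_RE.match(callback):
        raise ValueError("invalid JSON-P callback name")
    return f"{callback}({json.dumps(payload)});"


def handle_hello(path, headers):
    """Pure request logic, kept separate from I/O so it can be unit-tested.

    Returns (status, content_type, body).
    """
    if not allowed_origin(headers):
        return 403, "text/plain", "forbidden"
    parsed = urlparse(path)
    if parsed.path != "/ASTX2/hello":
        return 404, "text/plain", "not found"
    callback = parse_qs(parsed.query).get("callback", [""])[0]
    try:
        # Constructed payload; the real agent's response format is unknown.
        body = jsonp_body(callback, {"installed": True, "version": "example"})
    except ValueError:
        return 400, "text/plain", "bad callback"
    return 200, "application/javascript", body


class AgentHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        status, ctype, body = handle_hello(self.path, self.headers)
        data = body.encode()
        self.send_response(status)
        self.send_header("Content-Type", ctype)
        self.send_header("Content-Length", str(len(data)))
        # Deliberately no Access-Control-Allow-Origin: a localhost agent
        # should never be readable by arbitrary origins.
        self.end_headers()
        self.wfile.write(data)


if __name__ == "__main__":
    # Port taken from the URL in the comment; bind to loopback only.
    HTTPServer(("127.0.0.1", 55921), AgentHandler).serve_forever()
```

Run it and point a page at `http://127.0.0.1:55921/ASTX2/hello?callback=cb` to see the three outcomes: an allowlisted Referer gets the JSON-P body, a missing or foreign Referer gets 403, and a callback such as `alert(1)//` gets 400 instead of being echoed into script.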
Did you notice the plain HTTP (no SSL) download URLs for the “security software”? If not, you are missing out!