Tested on Windows 10 x64
Edge Version: 20.10240.16384.0
Internet Explorer Version: 11.0.10240.16431
Microsoft Edge is a web browser developed by Microsoft and included in the company's Windows 10 operating systems, replacing Internet Explorer as the default web browser on all device classes.
Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year. Later versions were available as free downloads, or in service packs, and included in the Original Equipment Manufacturer (OEM) service releases of Windows 95 and later versions of Windows.
What do these screenshots present? A certificate error on the domain http://kacperrybczynski.com/? No! (tip: a certificate error over HTTP?)
The error concerns the certificate, but it occurs on another domain (not http://kacperrybczynski.com/). But where?
The browser interprets the headers first, then the current URL and more... Spoofing works when Edge/IE receives a "Location:" header in the response (HTTP 302).
PoC source code:
<?php header("Location: https://elo.devilteam.pl/"); ?>
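The attribution the address bar should make in this situation, as an added example (not part of the original advisory and not any browser's code): it walks a constructed redirect chain and reports which URL a certificate error belongs to. The function name, the response table and its field names are assumptions made for illustration.

```javascript
// Constructed model of what the browser receives; no network access.
// URLs are the ones in the advisory; the table and field names are assumptions.
const SAMPLE_RESPONSES = {
  "http://kacperrybczynski.com/": { status: 302, location: "https://elo.devilteam.pl/" },
  "https://elo.devilteam.pl/": { certValid: false },
};

// Follow the redirect chain and report which URL a certificate error belongs to.
function attributeCertError(startUrl, responses, maxRedirects = 10) {
  const requested = new URL(startUrl);
  let current = requested;
  const chain = [current.href];
  for (let hopCount = 0; hopCount <= maxRedirects; hopCount++) {
    const resp = responses[current.href];
    if (!resp) throw new Error("no constructed response for " + current.href);
    // The TLS handshake precedes any HTTP response, so a bad certificate
    // stops the chain at this hop. Plain http hops have no certificate.
    if (current.protocol === "https:" && resp.certValid === false) {
      return {
        requestedUrl: requested.href,
        errorUrl: current.href, // what the error page must be labelled with
        crossOrigin: current.origin !== requested.origin,
        chain,
      };
    }
    const isRedirect = resp.status >= 300 && resp.status < 400 && resp.location;
    if (!isRedirect) {
      return { requestedUrl: requested.href, errorUrl: null, crossOrigin: false, chain };
    }
    // Location may be relative; resolve it against the current hop.
    current = new URL(resp.location, current);
    chain.push(current.href);
  }
  throw new Error("redirect limit exceeded");
}

const result = attributeCertError("http://kacperrybczynski.com/", SAMPLE_RESPONSES);
console.log(result);
```

When crossOrigin is true, the certificate error belongs to errorUrl, so an error page still labelled with requestedUrl names the wrong site.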
2015-10-27 - Vulnerability reported to vendor
2016-02-19 - CVE-2016-0077
Kacper Rybczyński (@kacperybczynski)