Hosting Provided By

Re: XSS

From: zeno <bugtraq(at)cgisecurity.net>
Date: Tue Dec 10 2002 - 16:59:44 EST

>
> Hey zeno, and others...

Hi! :p

>
> In this particular instance this scenario may work.
>
> The vuln site is widgets.com and has a xxs flaw.
>
> I run a news story on my site saying widgets.com is going out of business
> because of '.......' and give a link to widgets.com/<xss stuff>, people
> clicking on the link will be taken to widgets.com and shown an iframe with
> the fake new story. This will appear as if it is actually on widgets.com and
> thus believable.

Yup that to. I did this once on perl.com with a xss in the search engine. Made a fake story make it into a image and hex encoded the url and sent it to the lists. It even managed to fool a staff member for a little bit.

This was the fake story I posted to the security lists as real. http://www.cgisecurity.com/time.jpg

zeno

>
> Another use of xss which I have not seen mentioned is.
>
> If the page that has xss holes, also displays information such as passwords,
> then the XSS can be used to grep the info from the page and send it back out
> to the net.
>
> Brett
>
> > -----Original Message-----
> > From: zeno [mailto:bugtraq@cgisecurity.net]
> > Sent: Wednesday, 11 December 2002 07:36
> > To: John Madden
> > Cc: webappsec@securityfocus.com
> > Subject: Re: XSS
> >
> >
> > >
> > > Hi All,
Received on Tue Dec 10 17:53:32 2002

This message: [ Message body ]
Next message: Brett Moore: "RE: XSS"
Previous message: mlh(at)zip.com.au: "Re: JSP Security - Limiting URL's"
In reply to: Brett Moore: "RE: XSS"
In reply to zeno: "Re: XSS"
Reply: Brett Moore: "RE: XSS"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:46 EDT