Full Disclosure mailing list archives
Re: Arin.net XSS
From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Mon, 6 Mar 2006 14:20:12 -0000
Steven wrote:
It works in IE just fine and probably some other browsers. Firefox does a few things: 1) It takes the liberty of converting "<" to %3C 2) Leaves %3C as %3C and does not convert into "<"
Nope, that's bog-standard URL encoding, IE does it too, although they may differ in whether they show you it or not, but the request sent to the server is always URL-encoded.
This prevents the script from being interpreted (in)properly via the Address bar.
Nope, it's not run from the address bar, it's run from the body html of
the returned page.
cheers,
DaveK
--
Can't think of a witty .sigline today....
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Arin.net XSS Terminal Entry (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 03)
- Re: Re: Arin.net XSS Alexander Hristov (Mar 03)
- Re: Re: Arin.net XSS J u a n (Mar 03)
- Re: Re: Arin.net XSS Alexander Hristov (Mar 03)
- Re: Arin.net XSS Steven (Mar 03)
- Re: Arin.net XSS Simon Smith (Mar 03)
- Re: Arin.net XSS Steven (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 06)
- RE: Arin.net XSS php0t (Mar 03)
- Re: Arin.net XSS Michael Holstein (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 06)
- Re: Re: Arin.net XSS Paul Farrow (Mar 06)
- Re: Arin.net XSS Simon Smith (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 03)
- <Possible follow-ups>
- RE: Re: Arin.net XSS Terminal Entry (Mar 03)
- Re: Re: Arin.net XSS Dave Korn (Mar 06)
- Re: Re: Arin.net XSS Morning Wood (Mar 06)
- RE: Re: Arin.net XSS Steven Rakick (Mar 03)
- RE: Arin.net XSS Steven Rakick (Mar 03)