Vulnerability Development mailing list archives
Re: Sourceforge.net XSS
From: Valdis.Kletnieks () vt edu
Date: Mon, 17 Apr 2006 14:57:17 -0400
On Mon, 17 Apr 2006 11:31:51 EDT, v9 said:
samy's worm was stored on the server and shown to all who viewed his myspace page. these kind of XSS are in a url you'd have to create yourself, you wouldn't ever stroll across this, as you have to make it in the url to work.
This is still a threat if the attacker is able to use social engineering to increase the chances somebody will click on it. Goatse isn't something somebody would stroll across either, but you certainly see enough attempts to put links to it in Slashdot postings...
so as i said before, encoded/phishing (emails) is about the only possible use for these that i can see, and not even to a good extent(easier to just use the usual <A HREF> style misdirection, and has more options). if someone can tell me otherwise, post a RELATED reply. (ie. in-url XSS)
Using <A HREF> *is* certainly easier, and the cost of admission is basically the same for both - you need to entice the user to click the link. The difference is in what your *goal* is. If you want them to visit some *other* page, a simple anchor works. If you want to execute some Javascript in *this* page's context, you'll be looking for an XSS.....
Attachment:
_bin
Description:
Current thread:
- Sourceforge.net XSS the . spikey (Apr 09)
- <Possible follow-ups>
- Re: Sourceforge.net XSS v9 (Apr 12)
- Re: Sourceforge.net XSS Daniel (Apr 12)
- Re: Re: Sourceforge.net XSS v9 (Apr 13)
- Re: Sourceforge.net XSS ascii (Apr 13)
- Re: Sourceforge.net XSS Juan C Calderon (Apr 17)
- Re: Sourceforge.net XSS v9 (Apr 17)
- Re: Sourceforge.net XSS morgan allen (Apr 18)
- Re: Sourceforge.net XSS Valdis . Kletnieks (Apr 18)
- Re: Sourceforge.net XSS Juan C Calderon (Apr 18)
- Re: Sourceforge.net XSS v9 (Apr 17)