WebApp Sec mailing list archives
Re: [Full-disclosure] Attacking the local LAN via XSS
From: Nikolay Kubarelov <admin () gramophon com>
Date: Tue, 8 Aug 2006 02:23:38 +0300
On Friday 04 August 2006 16:06, pdp (architect) wrote:
IMHO, if you want to do stuff on lower level, you need to think of something else. JavaScript, Flash and Java Applets are technologies that are designed to run on the WEB. This is why, IMHO, they are quite good platform for performing WEB/HTTP based attacks.
OK, I'm really interested what are those login web pages with default password for admin:password I see all my network. I bet there are more than 10% routers with open http ports. I can attach snapshots if you buy me a beer. The question is what where is the xss bug on major http admin panel's. excuse my english. my bulgarian is better. -- Nikolay Kubarelov ICQ: 172892700 http://gramophon.com admin () gramophon com +359 88 631-0-634 ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire was recently named the worldwide market leader in Web application security assessment tools by both Gartner and IDC. Download a free trial of AppScan today and see why more customers choose AppScan then any other solution. Try it today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB --------------------------------------------------------------------------
Current thread:
- Attacking the local LAN via XSS pdp (architect) (Aug 03)
- Re: [Full-disclosure] Attacking the local LAN via XSS Schanulleke (Aug 04)
- Message not available
- Re: [Full-disclosure] Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re[2]: [Full-disclosure] Attacking the local LAN via XSS Thierry Zoller (Aug 04)
- Re: Re[2]: [Full-disclosure] Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: [Full-disclosure] Attacking the local LAN via XSS Nikolay Kubarelov (Aug 07)
- Re: [Full-disclosure] Attacking the local LAN via XSS Dude VanWinkle (Aug 08)
- Re: [Full-disclosure] Attacking the local LAN via XSS pdp (architect) (Aug 04)