WebApp Sec mailing list archives
Re: Help with referer issues in XSS
From: Yuping Li <lyp20062392 () gmail com>
Date: Wed, 7 Mar 2012 12:35:49 +0800
Hi, Thanks for all your response. The premise of my situation is that there is a XSS bug in the site, and I want to utilize this vul to do something more, for example, forge some post requests in my js code, you may recall the glorious "Samy" story here. But the server is now checking the referer field of any request, and the expected referer should be like this: http://(www.)example.com(/xxx). And can't be: 1, no referer 2, (example.com.***).attack.com/... Until last second, I came to realize that the host part in the referer field can only be http://(www.)example.com, and the request will fail if the referer contain some sort of "xss attempt", but I can only launch the post requests in the xssed page which means the xss attempt will inevitable be contained in the referer field of a normal request. Of course I can set it with firefox addons, but there is no point here. Seems if there is no programming way to set my own referer of my post request and their xss detecting techniques of referer are good enough, I may have no hope. Yuping This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- Help with referer issues in XSS Yuping Li (Mar 06)
- Message not available
- Message not available
- Re: [WEB SECURITY] Help with referer issues in XSS Stefano Di Paola (Mar 06)
- Message not available
- Message not available
- Re: Help with referer issues in XSS gorka - (Mar 06)
- Message not available
- Re: Help with referer issues in XSS Yuping Li (Mar 06)
- RE: Help with referer issues in XSS Alan Tatourian (Mar 06)
- Re: Help with referer issues in XSS Benedetto Nespoli (Mar 07)
- Re: Help with referer issues in XSS Yuping Li (Mar 06)