Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: XSS in viewstate

From: "Chris Weber" <chris () casabasecurity com>
Date: Fri, 19 Feb 2010 09:26:34 -0800
One important thing to note is that VIEWSTATE MAC protection is enabled by default.  It's only when this protection is 
purposely disabled that tampering and this XSS vector become possible.  You can detect when this protection has been 
disabled either through code review, or passively with dynamic testing which is what we'll be doing with the Watcher 
tool.

-Chris


-----Original Message-----
From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com] On Behalf Of dave
Sent: Friday, February 19, 2010 6:46 AM
To: dailydave () lists immunityinc com
Subject: [Dailydave] XSS in viewstate

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://www.hacking-lab.com/misc/downloads/ViewState_Afames.pdf

This, on first glance, looks real to me. Does anyone have any comments
on it? ViewState is pretty complex and fairly opaque. If I understand
properly, MS does not publish the full specs to it? Maybe the Mono team
found them somewhere?

- -dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkt+pCEACgkQtehAhL0ghepUJQCeMs9I2pnL3z4eYicYF44xaUgd
T4gAnjD/aFU9Z2tWRHge7i4Ch48BS3Ph
=w0qz
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: