Full Disclosure mailing list archives
Re: Google is vulnerable from XSS attack
From: bugtraq () cgisecurity net
Date: Sat, 3 Dec 2005 16:20:12 -0500 (EST)
So how about a real world attack scenario for this. This is one of the lamest vulns I have ever seen.
Until about a year ago, I'd have to agree with you. A lot of uses for XSS have been researched in the last year, including a few new ways to use it and make it 'useful'.

Not only can you do standard cookie hijacking with XSS, but combined with browser flaws XSS 'could' (in certain situations) be used to help portscan and possibly exploit (carry exploit payloads) a backend network behind a firewall (to the user visiting the XSS'd link), as well as gather Basic Auth credentials (or other headers) via XST attacks. Jeremiah Grossman presented at blackhat and showed that it's possible to capture keystrokes from a user that has visited an 'XSS'd' link as well as have bidirectional communication with them. Functionality such as xmlhttp can greatly expand the usefulness of Cross Site Scripting.

The Cross Site Scripting FAQ
http://www.cgisecurity.com/articles/xss-faq.shtml

Cross-Site Tracing (XST) (Official Mirror)
http://www.cgisecurity.com/lib/WH-WhitePaper_XST_ebook.pdf

AJAX (Asynchronous Javascript and XML) Links
http://www.cgisecurity.com/ajax/

Jeremiah's blackhat talk
http://www.blackhat.com/presentations/bh-jp-05/bh-jp-05-grossman.pdf

XSS is 'starting' to get fairly useful.

Regards,
- admin () cgisecurity com
http://www.cgisecurity.com/ (Web Security News, and More!)
http://www.cgisecurity.com/index.rss (Web Security News RSS Feed)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/