Full Disclosure mailing list archives
Re: Attacking the local LAN via XSS
From: Georgi Guninski <guninski () guninski com>
Date: Fri, 4 Aug 2006 10:02:13 +0300
On Fri, Aug 04, 2006 at 12:35:48AM +0100, pdp (architect) wrote:
For that purpose three prerequisites are needed: 1. page that is controlled by the attacker, lets call it evil.com 2. border router vulnerable to XSS
do you need javascript in all cases? unless you badly need http POST, doing blind <img src=http://ip/cgi-bin/readmailreallyfast>, iframe src=, may have interesting side effects. -- where do you want bill gates to go today? EOM _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Attacking the local LAN via XSS pdp (architect) (Aug 03)
- Re: Attacking the local LAN via XSS Peter Dawson (Aug 03)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: Attacking the local LAN via XSS Georgi Guninski (Aug 04)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: Attacking the local LAN via XSS Schanulleke (Aug 04)
- Re: Attacking the local LAN via XSS Siim Põder (Aug 04)
- Re: Attacking the local LAN via XSS Thierry Zoller (Aug 04)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re[2]: Attacking the local LAN via XSS Thierry Zoller (Aug 04)
- Re: Re[2]: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: Attacking the local LAN via XSS Nikolay Kubarelov (Aug 07)
- Re: Attacking the local LAN via XSS Dude VanWinkle (Aug 08)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: Attacking the local LAN via XSS Peter Dawson (Aug 03)