Full Disclosure mailing list archives
Re: Re: micosoft.com xss
From: "Mad World" <penetrator () home in th>
Date: Tue, 8 Aug 2006 06:04:19 -0700
Good morning ! You can doubt, it's your right to do so. Wanna bet ? Just open your eyes and your nose will show you that you are actually braking silly structure of page in more than one place .. I's relatively easy using the same exact place of code you tried to make it. I have working example, it is based on other microsoft "features" as well. Greets, - Mad World --- thomas.pollet () gmail com wrote: From: "Thomas Pollet" <thomas.pollet () gmail com> To: penetrator () home in th Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Re: micosoft.com xss Date: Tue, 8 Aug 2006 10:18:56 +0200 On 08/08/06, Mad World <penetrator () home in th> wrote: Why do you need it ? You already discovered xss, the rest of "job" is just matter of technique. I think majority of xss submitters here could do it by various means. M$ is lost in its own complexity of how to do simple things. If you could ever give me reasonable answer for why do you need this $hit - I could give you the "rest", like others could. I doubt you actually tried getting js executed on page load (for some reason they try to prevent xss in a number of ways). I did try and didn't succeed, that's why I ask. Greets, Thomas _____________________________________________________________ Visit Thailand @ http://www.sawadee.com Websearch and email: DNSASIA.com .... FAST! 128k dialup: login.samuinet.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- micosoft.com xss Thomas Pollet (Aug 07)
- <Possible follow-ups>
- Re: Re: micosoft.com xss Mad World (Aug 07)
- Re: Re: micosoft.com xss Thomas Pollet (Aug 08)
- Re: Re: micosoft.com xss Mad World (Aug 08)
- Re: Re: micosoft.com xss Mad World (Aug 08)
- Re: Re: micosoft.com xss Thomas Pollet (Aug 08)