Full Disclosure mailing list archives

Re: Re: Arin.net XSS

From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Mon, 6 Mar 2006 13:54:26 -0000

Terminal Entry wrote:

Dave,

You need to copy and paste the full URL into your browser for the XSS
to take place.  All exploit examples are still working as I just
verified.

<copy>
http://ws.arin.net/whois/?queryinput=%3CIMG+SRC%3D%22javascript%3Aalert%28%27XSS%27%29%3B%22%3E
</paste>


  Yep, it's the IE-vs-Firefox thing that meant it didn't work for me.  I can 
reproduce it fine in IE.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Re: Arin.net XSS, (continued)
- - - Re: Re: Arin.net XSS J u a n (Mar 03)
- Re: Arin.net XSS Steven (Mar 03)
  - Re: Arin.net XSS Simon Smith (Mar 03)
    - Re: Arin.net XSS Steven (Mar 03)
    - Re: Arin.net XSS Dave Korn (Mar 06)
    - RE: Arin.net XSS php0t (Mar 03)
    - Re: Arin.net XSS Michael Holstein (Mar 03)
    - Re: Arin.net XSS Dave Korn (Mar 06)
    - Re: Re: Arin.net XSS Paul Farrow (Mar 06)
- RE: Re: Arin.net XSS Terminal Entry (Mar 03)
  - Re: Re: Arin.net XSS Dave Korn (Mar 06)
  - Re: Re: Arin.net XSS Morning Wood (Mar 06)
- RE: Re: Arin.net XSS Steven Rakick (Mar 03)
- RE: Arin.net XSS Steven Rakick (Mar 03)