Full Disclosure mailing list archives
Re: on xss and its technical merit
From: "J. Oquendo" <sil () infiltrated net>
Date: Wed, 12 Dec 2007 13:29:21 -0500
Byron Sonne wrote:
> In terms of a technically interesting challenge, it sounds about as exciting as picking fights with 10 year olds. Shit man, most of this stuff is more about fooling people than anything. Yawn. I was bored tricking or weaseling passwords out of datacentre employees over the phone 20 years ago. Now I'm supposed to get excited 'cos some retards are doing it over the web?
I agree to an extent; however, I do know some pretty skillful people on all sorts of levels use xss in conjunction with leveraging a network.
> A safe assumption. In fact, if it's on the web, it's a safe assumption it's crap anyways. Or is that Crap2.0?
What's that old adage on "assume"? "Forward facing" sites can be leveraged to disclose other information. E.g., Write an XSS to run commands on the system itself for say a week. Eventually you will see signs of someone logging into said system. Construct an XSS attack to embed the necessary tools to leverage your way into the backbone. Not unlikely a difficult thing to do considering you managed to XSS attack the site in the first place.

What you/we see too often on this and other mailing lists is stupidity a-la "I just XSS and popup up w00t now give me credit!" That is not what I consider a hack; I consider it stupidity. What would have impressed me would be someone using a curl POST with a proxy, dumping binaries and having those binaries run with the user privileges of the webserver. One misconfigured webserver (chown -Rf root:wheel) and it's a wrap.

--
====================================================
J. Oquendo

SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)

"I hear much of people's calling out to punish the guilty, but very few are concerned to clear the innocent." Daniel Defoe

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/