Penetration Testing mailing list archives

Re: XSS vulnerabiilty testing and impact

From: "Robert E. Lee" <robert () outpost24 com>
Date: Thu, 27 Jul 2006 03:46:25 -0700

On Thu, 27 Jul 2006 09:33:50 +0800
"Rick Zhong" <sagiko () gmail com> wrote:

My question is if the user inputs are not displayed to any other users
ANYWHERE in the application, what's the impact of this XSS
vulnerability? Or are we still consider this as an XSS vulnerability?
Can malicious intruders still take advantage of this?

Yes, it is still considered XSS by many (most?). It's usually only a real problem if the XSS is exploitable
pre-authentication. If it is a pre-auth XSS, an attacker can use a phishing scenario to collect valid login
credentials. This attack is greatly aided when the site also has SSL, as the user will be able to verify that they are
indeed talking to https://www.theirrealbank.com... but the content of the page will be controlled by the attacker
through the pre-auth XSS.

There are likely other bad scenarios, but that's the one I usually think of when I see it.

Robert

--
Robert E. Lee
Chief Security Officer
http://www.outpost24.com

phone: (949) 394-2033
fax : +46-(0)455-13960
email: robert () outpost24 com

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------

Current thread:

XSS vulnerabiilty testing and impact Rick Zhong (Jul 27)
- Re: XSS vulnerabiilty testing and impact marko ruotsalainen (Jul 27)
- Re: XSS vulnerabiilty testing and impact Robert E. Lee (Jul 27)
- RE: XSS vulnerabiilty testing and impact Arian J. Evans (Jul 27)