De-anonymizer

From: Berend-Jan Wever (skylinedat_private)
Date: Tue Apr 23 2002 - 03:26:12 PDT

Next message: Iván Arce: "CORE-20020409: Multiple vulnerabilities in stack smashing protection technologies"

Previous message: James Ralston: "trusting user-supplied data (was Re: FreeBSD Security Advisory FreeBSD-SA-02:23.stdio)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) I have "hacked" my way out of anonymizer with Cross-site scripting: http://anon.free.anonymizer.com/http://spoor12.edup.tudelft. nl/SkyLined/docs/de_anonymizer.labs.html It uses a <SCRIPT> tag without a closing </SCRIPT> tag to fool anonymizer into allowing an onError event to pass filters. This allows me to execute javascript with obvious security breaches. Anonymizer was informed of the situation. Kind regards, Berend-Jan Wever http://spoor12.edup.tudelft.nl

Next message: Iván Arce: "CORE-20020409: Multiple vulnerabilities in stack smashing protection technologies"
Previous message: James Ralston: "trusting user-supplied data (was Re: FreeBSD Security Advisory FreeBSD-SA-02:23.stdio)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Apr 24 2002 - 10:08:44 PDT