Domain User Credentials access via OWA XSS

From: Hugo (overclocking_a_la_abuelaat_private)
Date: Mon Jul 07 2003 - 14:19:54 PDT

Next message: Curt Wilson: "Re: rundll32.exe buffer overflow"

Previous message: Stephen Samuel: "Re: Red Hat 9: free tickets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) On my previous post about OWA XSS I talked about Cross Site Scripting in the attachment field of a mail. The XSS is not in the attachment, is in the body of the message. Sorry, I need to sleep... Please notice: not in the attachment, in the BODY. To make it clear to understand I have just published on my site (www.infohacking.com) a report explaining how to reproduce this bug on a real environment with a proof of concept exploit. Our code is able to exploit the XSS on the Outlook Web Access to show the user cookie and the Windows domain, username and password in cleartext. Have fun! Hugo Vázquez Caramés & Toni Cortés Martínez Infohacking Research 2003 Barcelona Spain

Next message: Curt Wilson: "Re: rundll32.exe buffer overflow"
Previous message: Stephen Samuel: "Re: Red Hat 9: free tickets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 08 2003 - 16:13:40 PDT