Next message: Bill Weiss: "Re: CSS implication"
Here are some of the things my security team has observed with relation to cross-site scripting:
* as you said, persistent cookie theft
* "session theft" where you act in the context of a privileged user
* as you said, running script or objects
* SQL injection attacking the back end logic
* likewise, XML injection
* changing page banners or other decorations in deceptive ways
* DoS attacks on the underlying system error logs
* causing a trusted page to display a link to an untrusted page
-----Original Message-----
From: zero [mailto:zeroboyat_private]
Sent: Saturday, March 16, 2002 5:39 AM
To: vuln-devat_private
Subject: CSS implication
Hi all,
I'm working on a CSS paper, and I was wondering, what are the real
implications of a CSS attack. When some site is vuln to a CSS problem,
you're able to execute code on the web. I've thought about the implications
of this. First of all:
- You can steal cookies from users
- You can send bogus links faking the original site: i.e
http://site/vuln.php?query=>...(faking vuln.php)...</script>
- You can download & launch activeX (possible to download and
execute trojans?)
Any more dangerous implications?
mailto:zeroboyat_private
http://www.podergeek.com
http://www.citfi.org
**************************************************
"The further backward you look, the further forward you can see" Winston
Churchill
"Para ganar, hay gente que debe perder"
This archive was generated by hypermail 2b30
: Sun Mar 17 2002 - 21:50:18 PST