Bugtraq mailing list archives
Re: Bypassing of web filters by using ASCII
From: Kurt Huwig <k.huwig () iku-ag de>
Date: Thu, 22 Jun 2006 02:34:37 +0200
RSnake wrote:
Jeremiah Grossman and I were able to get a proof of concept working based off of Kurt's work that actually runs a simple piece of JavaScript in IE, without using open or close angle brackets. Here's the link to the post:
http://ha.ckers.org/blog/20060621/us-ascii-xss-part-2/
I concur that it would be very likely that this would pass through almost all the content filters known to date, although the likelihood of exploit is fairly low for any given websites, given the encoding needed (US-ASCII). This is more relevant to perhaps injecting JavaScript from remote locations by which you have control and bypassing AV or content filtering products that otherwise would restrict malicious JavaScript.
I was able to get your example working on a normal HTTP server by adding this to the <head>er:

<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII" />

Demo page is here:
http://www.iku-ag.de/ascii.cgi.htm

--
Kurt Huwig
iKu Systemhaus AG
http://www.iku-ag.de/
Executive Board
Am Römerkastell 4
Phone 0681/96751-0
66121 Saarbrücken
Fax 0681/96751-66
GnuPG 1024D/99DD9468 64B1 0C5B 82BC E16E 8940 EB6D 4C32 F908 99DD 9468
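
For filter maintainers, a sketch of the check this thread implies, added here as an example and not code from the thread or from any product: when a response declares a 7-bit charset in the header or in a <meta> tag like the one above, scan a second copy of the body with the high bit of every byte cleared. It assumes the browser behaviour behind the technique (the decoder ignores the eighth bit for US-ASCII pages); the function names, the alias set and the sample bytes are constructed for illustration.

```python
import re

# Matches a charset declaration in a Content-Type header value or <meta> tag.
CHARSET_RE = re.compile(rb'charset\s*=\s*["\']?\s*([A-Za-z0-9_.:-]+)', re.I)
# Labels treated as 7-bit ASCII here (assumption: extend to match your browsers).
SEVEN_BIT = {b"us-ascii", b"ascii", b"ansi_x3.4-1968", b"iso646-us"}
# Stand-in for the filter's real rule set: any tag opener or closer.
MARKUP_RE = re.compile(rb"<\s*/?\s*[A-Za-z!]")

# Constructed sample: a harmless <b> tag whose brackets have the high bit set.
SAMPLE = b"hello \xbcb\xbex"


def declared_charset(header_value, body):
    """Return the lower-cased charset from the header, else from the first 4 KiB."""
    for blob in (header_value or b"", body[:4096]):
        m = CHARSET_RE.search(blob)
        if m:
            return m.group(1).lower()
    return None


def fold_to_7bit(data):
    """Clear the high bit of every byte, as the lenient decoder is assumed to."""
    return bytes(b & 0x7F for b in data)


def scan(header_value, body):
    """Return the set of views ('raw', 'folded') in which markup was found."""
    hits = set()
    if MARKUP_RE.search(body):
        hits.add("raw")
    if declared_charset(header_value, body) in SEVEN_BIT:
        if MARKUP_RE.search(fold_to_7bit(body)):
            hits.add("folded")
    return hits


if __name__ == "__main__":
    print(scan(b"text/html; charset=US-ASCII", SAMPLE))
    print(scan(b"text/html; charset=utf-8", SAMPLE))
```

A result containing only "folded" means the markup is invisible to a byte-level scan of the raw body, which is the case the thread describes.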