Re: excessive xss vulnerabilities

[bugtraq () cgisecurity net]

> Interesting, a JS keylogger! You should use XMLHTTP to post the info...


A presentation by Jeremiah Grossman at blackhat last year walked through installing a keylogger and using
AJAX (HTMLHTTP) to not only record what the user was doing, but also interactively feed them new payloads.

- zeno
http://www.cgisecurity.com/ Web Security news and More
http://www.cgisecurity.com/index.rss [RSS Feed]

> ________________________________
>
> From: full-disclosure-bounces () lists grok org uk
> [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of
> Christian Swartzbaugh
> Sent: 09 May 2006 00:35
> To: full-disclosure () lists grok org uk
> Subject: [Full-disclosure] excessive xss vulnerabilities
>
>
> there is a high volume of xss vulnerabilities on this list. take the
> next step to disclose why xss important for the affected program. for
> instance, creating a test case that does something privileged or
> malicious towards a visitor. in attempting to create a keystroke logger
> in javascript i've found it drops random keystrokes (i think its a speed
> problem). and i would be interested in seeing more malicious javascript.
>
>
> again please justify why xss is valuable in disclosures of these
> vulnerabilties
> even if its just a cookie stealer, please show why an attacker would
> want those cookies or how he/she could use them to create a security
> issue.=20
>
> thanks
> feofil
>
>
> ------_=_NextPart_001_01C67343.30812B54
> Content-Type: text/html;
>       charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=3DContent-Type content=3D"text/html; =
> charset=3Dus-ascii">
> <META content=3D"MSHTML 6.00.2900.2873" name=3DGENERATOR></HEAD>
> <BODY>
> <DIV dir=3Dltr align=3Dleft><FONT face=3DArial color=3D#0000ff =
> size=3D2><SPAN=20
> class=3D903053208-09052006>Interesting, a JS keylogger! You should use =
> XMLHTTP to=20
> post the info...</SPAN></FONT></DIV><BR>
> <DIV class=3DOutlookMessageHeader lang=3Den-us dir=3Dltr align=3Dleft>
> <HR tabIndex=3D-1>
> <FONT face=3DTahoma size=3D2><B>From:</B> =
> full-disclosure-bounces () lists grok org uk=20
> [mailto:full-disclosure-bounces () lists grok org uk] <B>On Behalf Of =
> </B>Christian=20
> Swartzbaugh<BR><B>Sent:</B> 09 May 2006 00:35<BR><B>To:</B>=20
> full-disclosure () lists grok org uk<BR><B>Subject:</B> [Full-disclosure] =
> excessive=20
> xss vulnerabilities<BR></FONT><BR></DIV>
> <DIV></DIV>there is a high volume of xss vulnerabilities on this list. =
> take the=20
> next step to disclose why xss important for the affected program. for =
> instance,=20
> creating a test case that does something privileged or malicious towards =
> a=20
> visitor. in attempting to create a keystroke logger in javascript i've =
> found it=20
> drops random keystrokes (i think its a speed problem). and i would be =
> interested=20
> in seeing more malicious javascript. <BR><BR>again please justify why =
> xss is=20
> valuable in disclosures of these vulnerabilties<BR>even if its just a =
> cookie=20
> stealer, please show why an attacker would want those cookies or how =
> he/she=20
> could use them to create a security issue.=20
> <BR><BR>thanks<BR>feofil<BR></BODY></HTML>
>
> ------_=_NextPart_001_01C67343.30812B54--
>
>
> --===============0551646189==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> --===============0551646189==--

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/