Penetration Testing mailing list archives
Re: XSS LAB DEMO IDEAS
From: "Loki" <loki () fatelabs com>
Date: Mon, 06 Jan 2003 09:41:12 -0800
Recently having done this for my employer, what I did was combed Bugtraq archives for keyword searches on xss or cross-site vulnerabilities. After doing so you can identify software packages (postnuke, apalachian web site, et. al) and the version #s of affected releases.
After doing so, I setup a linux box, mysql, and the different vulnerable software packages that were identified and began to xss away.
Food for thought. Loki http://www.fatelabs.com On Mon, 6 Jan 2003 10:00:48 -0700 "Jeremy Junginger" <jj () act com> wrote:
After reading the papers by iDefense and the paper athttp://www.technicalinfo.net/papers/CSS.html , I would like to put a working example together to familiarize our web developers with XSS vulnerabilities and their impact on the web site (and business). I would like to poll the group for interesting ways to demonstrate these vulnerabilities in a lab environment. Thanks for taking the time togive your input. -Jeremy ----------------------------------------------------------------------------This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see:https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- XSS LAB DEMO IDEAS Jeremy Junginger (Jan 06)
- Re: XSS LAB DEMO IDEAS Loki (Jan 06)
- Re: XSS LAB DEMO IDEAS Kevin Spett (Jan 06)
- <Possible follow-ups>
- Re: XSS LAB DEMO IDEAS Mark Curphey (Jan 06)
- RE: XSS LAB DEMO IDEAS Dawes, Rogan (ZA - Johannesburg) (Jan 07)
- Re: XSS LAB DEMO IDEAS FermÃn J . Serna (Jan 08)
- RE: XSS LAB DEMO IDEAS Jeremy Junginger (Jan 08)
- RE: XSS LAB DEMO IDEAS Dawes, Rogan (ZA - Johannesburg) (Jan 10)