Re: User Agent XSS anyone?

[Zack Payton <zpayton () gmail com>]

Arian,

I was hoping for a good technique for being able to modify the user
agent from java script even if the server isn't susceptible to
response splitting.
Essentially, I have a web app that generates a web page and displays
the user agent back to the client.
I will take a look at the list you have recommended and perhaps
re-post my query with some more detail.

Thank you all for your assistance and input.
Z

On Sun, Apr 26, 2009 at 5:50 PM, Arian J. Evans
<arian.evans () anachronic com> wrote:
> Did you mean:
> 1) XSS attack that shows up client-side in the User Agent?
> 2) XSS attack launched via the User Agent?
> I think you may have meant #1, and the replies to the list assume you mean
> #2.
> You will not get very experienced answers to webappsec questions on this
> list. Most webappsec folks don't use it any more.
> You should try: websecurity () webappsec org. That is where most of the webapp
> folks hang out at.
> The SF server admins banned all gmail forwards to this list a year or two
> ago, so I cannot reply, and they refuse to fix it. </shrug>
> A lot of webappsec folks I know use various webmail forwards like I do. They
> use the WASC list since we cannot communicate on this SF list.
> --
> Arian Evans
>
>
>
> On Wed, Apr 22, 2009 at 12:11 AM, Zack Payton <zpayton () gmail com> wrote:
> > Hi all,
> >
> > I was just curios if anyone was aware of any interesting ways to
> > exploit user-agent based xss.
> > I suppose it would be easy in conjunction with HTTP response
> > splitting, but is anyone aware of any other vectors beside those
> > present in custom browser extensions?
> > I am interested in hearing about all vectors though, even those in
> > custom browser extensions.
> >
> > Thank you!
> >
> > Sincerely,
> > Z
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: InfoSec Institute
> >
> > Tired of using other people's tools? Why not learn how to write your own
> > exploits?
> > InfoSec Institute's Advanced Ethical Hacking class teaches you how to
> > write stack and heap buffer overflow exploits for Windows and Linux. Gain
> > your Certified Expert Penetration Tester (CEPT) cert as well.
> >
> >
> > http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
> > ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Tired of using other people's tools? Why not learn how to write your own exploits?
InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits for 
Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well.

http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
------------------------------------------------------------------------