WebApp Sec mailing list archives

Can I obtain BASIC AUTH credentials using an XSS vulnerability


From: "frank fish" <frankfish1962 () hotmail com>
Date: Mon, 02 Dec 2002 15:14:20 +0000

Hello,

I have an application that uses IIS with basic authentication. The application has an XSS vulnerability that, when exploited, will allow me to collect the ASP Session Cookie from a logged-on user.

However, this cookie is not enough for me to use to access the application; I need to get instead the BASE64-encoded authentication string. Is there a way to get this string via the XSS vulnerability?

Thanks for any advice, Frank





