RE: Can you exploit this XSS?

• Previous message: Aaron Adams: "Linux Kernel <= 2.4.21 MXCSR Local DOS Exploitation"
• Maybe in reply to: Paul Johnston: "Can you exploit this XSS?"
• Next in thread: Sverre H. Huseby: "Re: Can you exploit this XSS?"
• Reply: Sverre H. Huseby: "Re: Can you exploit this XSS?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: 'Paul Johnston' <paul@westpoint.ltd.uk>, dd <dd@ghettohackers.net>
Date: Fri, 21 Nov 2003 09:59:29 +0200

>
> P.S. Thanks to Mike Brownbill for pointing out that this is "minimal
> risk as stealing cookies from users which aren't logged in is quite
> simply futile" !!!

Not so!

I get your cookie, you log in on the next step, and the cookie does not
change (for *MANY* applications). Now I have your cookie, and it is for an
authenticated session.

All it means is that you need to wait for the user to authenticate before
ripping them off ;-)

Simply test that they have authenticated by visiting some URL that returns
different values based on an authenticated or unauthenticated cookie.

Rogan

Important Notice: This email is subject to important restrictions, qualifications and disclaimers ("the Disclaimer") that must be accessed and read by clicking here or by copying and pasting the following address into your Internet browser's address bar: http://www.Deloitte.co.za/Disc.htm. The Disclaimer is deemed to form part of the content of this email in terms of Section 11 of the Electronic Communications and Transactions Act, 25 of 2002. If you cannot access the Disclaimer, please obtain a copy thereof from us by sending an email to ClientServiceCentre@Deloitte.co.za.

• Previous message: Aaron Adams: "Linux Kernel <= 2.4.21 MXCSR Local DOS Exploitation"
• Maybe in reply to: Paul Johnston: "Can you exploit this XSS?"
• Next in thread: Sverre H. Huseby: "Re: Can you exploit this XSS?"
• Reply: Sverre H. Huseby: "Re: Can you exploit this XSS?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]