lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <454FC29C.8080307@strangelogic.co.uk>
Date: Mon, 06 Nov 2006 23:17:48 +0000
From: Jason <jason@...angelogic.co.uk>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [x0n3-h4ck.org] PayPal vulnerable to XSS


 > That's not exploitable. Remember that the "XS" in XSS stands for 
"cross-site": you have to be able to trigger the scripting using 
ordinary requests from another site. To generate this cookie, you'd 
need to already have scripting access to the paypal.com domain - in 
which case you don't care anymore.

Or you can use Flash to generate the raw headers you want to send.

Visitor -> attacker site with flash -> PayPal site

Visitor = exploited


-- 
  --
Jason Duke              | Strange Logic
Tel: +44 (0)20 8598 2280| jason@...angelogic.com
        http://www.StrangeLogic.com
            The Search Engines
       We Find Them Strangely Logical


-- 
  --
Jason Duke              | Strange Logic
Tel: +44 (0)20 8598 2280| jason@...angelogic.com
        http://www.StrangeLogic.com
            The Search Engines
       We Find Them Strangely Logical

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ