lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 10 Mar 2007 15:15:54 -0600
From: Paul Schmehl <pauls@...allas.edu>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Is OWASP vulnerable ??

--On March 10, 2007 9:23:45 AM -0800 Scarlet Pimpernel 
<kishfellow@...oo.com> wrote:

> Hello all,
>
> There is an undefined function in OWASP website's javascript code
> (wikibits.js)
> called wgBreakFrames. This can cause potential damage to the site if
> used maliciously.
>
> http://www.owasp.org/skins/common/wikibits.js
>
> start of code:
>
> if (wgBreakFrames) {
> // Un-trap us from framesets
> if (window.top != window) {
> window.top.location = window.location;
> }
> }
>
> end of code
>
Apparently you don't understand the difference between a variable and a 
function.  wgBreakFrames is a variable that can be defined elsewhere. 
Without looking at the entire site, I assume that wgBreakFrames gets 
defined as "true" in those places where they don't want their pages 
trapped inside someone else's frame.

Given the syntax of this function, wgBreakFrames can only have one of two 
values: true or false.

I'd be interested to see some POC that would show how you would exploit 
this.

Paul Schmehl (pauls@...allas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Content of type "application/pkcs7-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists