lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <003601cb1639$b32f0060$010000c0@ml>
Date: Sun, 27 Jun 2010 23:45:11 +0300
From: "MustLive" <mustlive@...security.com.ua>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Redirectors: the phantom menace

Hello participants of Full-Disclosure!

Additional information for those who read my article (and who still didn't 
they can do it) Redirectors: the phantom menace 
(http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070901.html).

In addition to previous 12 attacks via open redirectors this year I added
three new attacks (and soon would add more).

To before-mentioned attacks the redirectors also can be used:

- For conducting of XSS attacks via PDF files, which I wrote about in post
regarding Script Injection in Adobe Acrobat
(http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00049.html).

- For conducting of DoS attacks on browsers via redirection to mailto: URL,
which I wrote about in post DoS in Firefox, Internet Explorer, Chrome, Opera
and other browsers (http://websecurity.com.ua/4206/). This concerns both
open redirectors and closed redirectors
(http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070901.html).

- For bypassing of restrictions on URL at HTML Injection attacks,
particularly Link Injection. As in case of vulnerability at news.yahoo.com
(http://websecurity.com.ua/3723/). In contrast to bypass of protection
filters at using of closed redirectors (attack #10), in this case not
external redirector is using, but internal one (at this site, or at the site
from allowed list).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ