[WEB SECURITY] (somewhat) breaking the same-origin policy by undermining dns-pinning
Kanatoko
anvil at jumperz.net
Mon Dec 25 06:10:10 EST 2006
Martin Johns wrote:
> This technique obviously can be automated. Instead of quitting the web
> server on attacker.org completely, dynamic firewall rules could be
> used to reject further connections from the victim's IP after the
> initial script was delivered.
I found that making the browser access a closed port (like port 81) has
the same effect. (Tested on IE6.0.)
I mean using some URL like http://foo:81/.
I use this technique (closed port) in my demo.
http://www.jumperz.net/index.php?i=2&a=1&b=7
--
Kanatoko<anvil at jumperz.net>
Open Source WebAppFirewall
http://guardian.jumperz.net/
----------------------------------------------------------------------------
The Web Security Mailing List:
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]