[WEB SECURITY] Redirectors: the phantom menace
MustLive
mustlive at websecurity.com.ua
Thu Sep 24 16:51:03 EDT 2009
Hello participants of Mailing List.
Earlier I wrote to the list about my article Redirectors: the phantom menace
(http://www.webappsec.org/lists/websecurity/archive/2009-09/msg00021.html).
And last week I wrote new article on this topic - Attacks via closed
redirectors (http://websecurity.com.ua/3531/), for which I made English
version today. It this article I wrote about different variants of attacks
via closed redirectors. It’s anthology of attacks with using of closed
redirectors (as first article was anthology of attacks with using of open
redirectors).
Attack via closed redirectors:
* Redirection.
* Bypass of spam-filters.
* Bypass of flash restrictions.
* XSS attack via jar: URI in Firefox.
* CSRF attacks on a site.
* Hidden attacks on other sites.
* Image leakage in Firefox.
* Denial of Service attacks.
* Cross-Site Scripting attacks.
* Bypass of protection filters.
You can read the article Attacks via closed redirectors at my site:
http://websecurity.com.ua/3531/
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
More information about the websecurity
mailing list