[WEB SECURITY] Exploiting Stroke triggered XSS with StrokeJacking

lavakumar kuppan lavakumar.in at gmail.com
Wed Apr 7 16:22:33 EDT 2010


I have mentioned 'urlbarsnakesonaplanejacking' in my post as well.

There are two major differences here:
1) The victim is on the attacker's website and not on the vulnerable site
2) He is keying in something that does not even look remotely identifiable
as an XSS payload, unlike an obvious 'javascript:blahblah'

Hope this helps.

On Thu, Apr 8, 2010 at 1:32 AM, gaz Heyes <gazheyes at gmail.com> wrote:

> On 7 April 2010 11:33, Lavakumar Kuppan <lava at andlabs.org> wrote:
>
>> I have written a post on how StrokeJacking can be used to exploit a type
>> of XSS where the payload can only be injected through the keystrokes of the
>> victim - 'Stroke triggered Cross-site Scripting'.
>>
>> Post:
>>
>> http://blog.andlabs.org/2010/04/stroke-triggered-xss-and-strokejacking_06.html
>>
>> POC:
>> http://www.andlabs.org/stroke_triggered_xss.html
>>
>> Video:
>> http://www.youtube.com/watch?v=VgJq_PClMmY
>>
>
> I have found a similar flaw in Google, if you visit google.com and type
> javascript:alert(document.cookie) I have your cookie. I call it
> urlbarsnakesonaplanejacking
>



-- 
Cheers,
Lava
http://www.lavakumar.com