[WEB SECURITY] XSS Question

Alberto Cuesta belalb2002 at gmail.com
Fri Jun 24 08:46:54 EDT 2011


Hi, Jason.

I recommend you Raul Siles presentation "Brower exploitation for fun and
profit", where he explains and shows how to take control of victim machines
using a combination of BeeF & Metasploit.

https://www.sans.org/webcasts/browser-exploitation-fun-profit-93868?ref=64223
http://www.slideshare.net/rootedcon/ral-siles-browser-exploitation-for-fun-and-profit-revolutions-rootedcon-2011
http://www.taddong.com/docs/Browser_Exploitation_for_Fun&Profit_Revolutions_Taddong-RaulSiles_RootedCon-2011.pdf

Regards,
Alberto

2011/6/23 Chintan Dave <davechintan at gmail.com>

> XSS with msf's autopwn feature and a bit of social engineering - boom you
> have a shell :)
>
> Sorry for brevity, sent from my iPod,
>
> Thanks,
> Chintan
>
> On 23-Jun-2011, at 9:45 PM, Jason Drury <druryjason at yahoo.com> wrote:
>
> Hello,
>
> During a recent web pentest I found an input vulnerable to XSS. The
> developers have come back to me saying they resolved the issue, but upon
> retesting I found it still vulnerable to the following
> string: \";alert('XSS');//
>
> Just for my own education, can anything malicious be done with such a
> string or is the extent of the damage a popup box (which is what I currently
> get).
>
> Thank you,
> Jason
>
> _______________________________________________
>
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn <http://www.linkedin.com/e/gis/83336/4B20E4374DBA>
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
>


-- 
Alberto Cuesta, CISSP, GCIH
Project Manager & Technical Security Consultant
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20110624/9649cf37/attachment-0003.html>


More information about the websecurity mailing list