Re: [WEB SECURITY] RE: [Full-disclosure] new attack technique? using JavaScript+XML+OWSPost Data
- To: full-disclosure@xxxxxxxxxxxxxxxxx, websecurity@xxxxxxxxxxxxx
- Subject: Re: [WEB SECURITY] RE: [Full-disclosure] new attack technique? using JavaScript+XML+OWSPost Data
- From: Gaurav Kumar <gaurav@xxxxxxxxxxxxx>
- Date: Thu, 22 Dec 2005 13:45:41 +0530
>
> Not Exactly !! I would rather suggest you to do a little more research and
> draw any conclusion. Keep those _Security Zones_ in mind before you post
> anything...
>
>
I did the research on Windows XP SP2.
The script with ActiveX and XML was uploaded to
http://www.geocities.com/gaurav_e2/exp.html
The screenshot at the following URL shows the note.xml placed at C:\
while Ethereal shows the data being POSTed to the attacker's site.
http://rapidshare.de/files/9619254/gaurav_kumar.JPG.html
Clearly geocities.com is in the Internet zone.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/