Re: [Full-disclosure] news XSS on paypal.com
- To: php0t <very@xxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] news XSS on paypal.com
- From: "ad@xxxxxxxxxxxxxxxx" <ad@xxxxxxxxxxxxxxxx>
- Date: Sun, 23 Jul 2006 15:20:51 +0200
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
This is the kind of scenario we should see in the PoC, and not a usual box
spamming a website ... This does not really alert a web admin, I think.<br>
Thanks anyway for the information.<br>
<br>
php0t wrote:
<blockquote cite="mid008d01c6ae4e$2fc26930$650ba8c0@DORKA" type="cite">
<pre wrap="">If it works, then you can plant iframes in popular websites so that when
somebody visits them and they happen to be logged on to paypal at the
same time, the injected javascript could make a transaction using the
victim's (visitor's) credentials. This can all happen without alerting
the user. (There might be some circumstances blocking this in practice,
like if they require a Turing test for completing money transactions
etc).
php0t
ps: a poc showing how to fake a whole webpage?! :-)
</pre>
<blockquote type="cite">
<pre wrap="">I wonder what is interesting in this, usually a poc shows us we can
upload a crafted webpage on a vulnerable website, fake a whole webpage,
etc, this link doesn't speak much than the noob who found it.
</pre>
</blockquote>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Pigrelax wrote:
</pre>
</blockquote>
</blockquote>
<pre wrap=""><!----><a class="moz-txt-link-abbreviated"
href="http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/">www.paypal.com/cgi-bin/webscr?cmd=p/gen/</a>--></script><script>alert('www
_______________________________________________
Full-Disclosure - We believe in it.
Charter: <a class="moz-txt-link-freetext"
href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a>
Hosted and sponsored by Secunia - <a class="moz-txt-link-freetext"
href="http://secunia.com/">http://secunia.com/</a>
</pre>
</blockquote>
<br>
</body>
</html>
begin:vcard
fn:Arnaud Dovi / Ind. Security Researcher
n:Dovi;Arnaud
email;internet:ad@xxxxxxxxxxxxxxxx
tel;work:Independent Security Researcher
version:2.1
end:vcard