[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [x0n3-h4ck.org] PayPal vulnerable to XSS

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] [x0n3-h4ck.org] PayPal vulnerable to XSS
From: Jason <jason@xxxxxxxxxxxxxxxxxx>
Date: Mon, 06 Nov 2006 23:17:48 +0000

 > That's not exploitable. Remember that the "XS" in XSS stands for 
"cross-site": you have to be able to trigger the scripting using 
ordinary requests from another site. To generate this cookie, you'd 
need to already have scripting access to the paypal.com domain - in 
which case you don't care anymore.

Or you can use Flash to generate the raw headers you want to send.

Visitor -> attacker site with flash -> PayPal site

Visitor = exploited


-- 
  --
Jason Duke              | Strange Logic
Tel: +44 (0)20 8598 2280| jason@xxxxxxxxxxxxxxxx
        http://www.StrangeLogic.com
            The Search Engines
       We Find Them Strangely Logical


-- 
  --
Jason Duke              | Strange Logic
Tel: +44 (0)20 8598 2280| jason@xxxxxxxxxxxxxxxx
        http://www.StrangeLogic.com
            The Search Engines
       We Find Them Strangely Logical

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] [x0n3-h4ck.org] PayPal vulnerable to XSS
  - From: corrado.liotta
- Re: [Full-disclosure] [x0n3-h4ck.org] PayPal vulnerable to XSS
  - From: Andrew Farmer

Prev by Date: [Full-disclosure] [USN-376-2] imlib2 regression fix
Next by Date: [Full-disclosure] VulnDisco Pack for Metasploit is available
Previous by thread: Re: [Full-disclosure] [x0n3-h4ck.org] PayPal vulnerable to XSS
Next by thread: Re: [Full-disclosure] [x0n3-h4ck.org] PayPal vulnerable to XSS
Index(es):
- Date
- Thread