Thanks guys, is there any possible XSS when an application is using US ASCII-7? Below is the sample XSS example code I found. I have tried it in one ASP application, but it's not working. Is there any other way to exploit the XSS when the application is using US ASCII-7?

žscriptualert(EXSSE)ž/scriptu
¼script¾alert(¢XSS¢)¼/script¾

Regards
Srinivas Burra

On Sat, Sep 11, 2010 at 9:35 PM, Sandeep Thakur <[email protected]> wrote:
> Are you looking for something about ASCII but wrt information security? If yes,
> read below:
>
> The character set ASCII encodes every character with 7 bits. Internet
> connections transmit octets with 8 bits. If the content of such a
> transmission is encoded in ASCII, the most significant bit must be ignored.
>
> Most browsers evaluate the bit and display the characters as if they were
> from the character set ISO-8859-1. This creates a security issue. The
> malware/user of a web page can set the bit with arbitrary characters without
> changing the view of the page.
>
> With this, virus scanners and content filters see completely different
> characters, so that these characters/programs/scripts cannot be detected.
> This offers spammers and virus writers the possibility to bypass installed
> security solutions wrt spam and virus.
>
> An example of the above ASCII obfuscation can be referred from here:
> http://blogs.msdn.com/b/dross/archive/2006/10/01/780339.aspx
>
> Similar ASCII links but wrt information security:
>
> http://blogs.msdn.com/b/dross/archive/2008/03/10/xss-focused-attack-surface-reduction.aspx
> http://ha.ckers.org/blog/20060621/malformed-ascii-bypasses-filters/
>
> Regards
> Sandeep Thakur
>
> --
> You received this message because you are subscribed to the Google Groups
> "nforceit" group.
> To post to this group, send an email to [email protected].
> To unsubscribe from this group, send email to
> [email protected]<nforceit%[email protected]>.
> For more options, visit this group at
> http://groups.google.com/group/nforceit?hl=en-GB.

--
*Regards*
*Srinivas Burra CEH | ECSA*
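
Added example, not part of the original thread or of any product mentioned in it: a filter-side check for the mismatch the quoted reply describes, where the scanner reads 8-bit octets but the consumer ignores the most significant bit. The function names and the single `script` pattern are assumptions made for illustration; the sample is the second string quoted above, built as ISO-8859-1 octets.

```python
import codecs
import re

# Illustrative signature only (assumption); a real filter has many more rules.
SCRIPT_TAG = re.compile(rb"<\s*/?\s*script\b", re.IGNORECASE)

def is_seven_bit(declared_charset: str) -> bool:
    """True when the declared charset resolves to US-ASCII."""
    try:
        return codecs.lookup(declared_charset).name == "ascii"
    except LookupError:
        return False

def fold_to_7bit(data: bytes) -> bytes:
    """Clear the most significant bit of every octet, as a 7-bit decoder would."""
    return bytes(b & 0x7F for b in data)

def inspect_body(data: bytes, declared_charset: str) -> dict:
    """Scan both the raw octets and the view a 7-bit consumer would see."""
    high = sum(1 for b in data if b & 0x80)
    seven = is_seven_bit(declared_charset)
    folded = fold_to_7bit(data) if seven else data
    raw_hit = bool(SCRIPT_TAG.search(data))
    folded_hit = bool(SCRIPT_TAG.search(folded))
    # Octets above 0x7F are invalid in US-ASCII, so reject instead of guessing.
    reject = raw_hit or folded_hit or (seven and high > 0)
    return {"high_bit_octets": high, "raw_hit": raw_hit,
            "folded_hit": folded_hit,
            "verdict": "reject" if reject else "allow"}

# Constructed sample: the second string quoted in the thread, as ISO-8859-1 octets.
SAMPLE = b"\xbcscript\xbealert(\xa2XSS\xa2)\xbc/script\xbe"

if __name__ == "__main__":
    print(inspect_body(SAMPLE, "US-ASCII"))
    print(fold_to_7bit(SAMPLE))
```

The raw scan misses the sample while the folded scan matches it, which is the gap between what the filter sees and what the page consumer sees.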
