XSS with social engineering - vulnerability warning - the black bar safety net

ID MYHACK58:62200714420
Type myhack58
Reporter Anonymous
Modified 2007-03-07T00:00:00


All along, everybody has thought that XSS does not cause great harm, and so it has always been ignored, to the point of being disregarded completely. By accident I saw a demo video that a foreigner posted on milw0rm some time ago, called "XSS injection in image formats". It bypasses the forum's image file validation on upload and uploads a picture file that contains a script. Of course, this is IE's biggest vulnerability and it has been around for N years: IE disregards the file extension and will directly parse a file with an arbitrary extension as an HTML file. Why would a foreigner attach so much importance to such a seemingly simple vulnerability?

First, XSS is a passive attack. The main way the now-popular XSS attacks work is the counterfeit submission. If you are a site administrator, then whenever you update the web application, every operation involves a submission: updating articles, adding members, deleting attachments, etc. The website's program accepts the parameters the administrator submits and takes the corresponding action.

OK, enough rambling! Imagine a script that can mimic the administrator and submit a whole range of parameters set in advance, completing all the things an admin can do. Would you want that?! No doubt, this is XSS (cross-site scripting).

Looking back, you might think it is a bit stupid of the foreigner to upload a picture containing a script: will the administrator ever look at it? If anyone thinks so, I really want to give you a couple of knocks. Did you forget about social engineering?

We can set a snare in advance, and a rather wretched one: we just tell the admin that his site has a pornographic picture. Will he go and look? Will he go to delete it? If that picture is a piece of XSS (cross-site scripting) whose function is to promote an ordinary member to admin, isn't the site then taken?

Look at the domestic web applications: most of them also ignore this kind of vulnerability. "The moving network", from its early development until now, seems never to have noticed what happens when a picture contains a script, and with a little thought even obtaining a WEBSHELL automatically is possible. Some other web applications do filter, but there are still ways to bypass the filter.
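From the defender's side, the check that such upload validation is missing looks roughly like this. It is an added example, not code from the original post or from any forum mentioned here; the function names, the list of markup tokens and the sample byte strings are assumptions made for illustration.

```python
import re

# Allowed extensions and the magic bytes each one must start with.
MAGIC = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
}

# Assumed token list: markup a content-sniffing browser could read as HTML.
# Conservative by design; re-encoding the image is the stronger control.
HTML_HINTS = re.compile(
    rb"<\s*(?:html|head|body|script|iframe|img|svg|plaintext|title|table|!--|!doctype)",
    re.IGNORECASE,
)

def check_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for an uploaded picture."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in MAGIC:
        return False, "extension not allowed"
    if not data.startswith(MAGIC[ext]):
        return False, "content does not match extension"
    # A valid header is not enough: markup can follow the magic bytes.
    if HTML_HINTS.search(data):
        return False, "markup found inside image data"
    return True, "ok"

def download_headers(filename: str) -> dict[str, str]:
    """Response headers that keep a stored upload from being parsed as HTML."""
    ext = filename.rsplit(".", 1)[-1].lower()
    ctype = {"gif": "image/gif", "png": "image/png"}.get(ext, "image/jpeg")
    return {
        "Content-Type": ctype,
        "X-Content-Type-Options": "nosniff",  # honoured by IE 8 and later
        "Content-Disposition": "attachment",  # direct navigation downloads the file
    }

# Constructed samples: a plain GIF, and a GIF header followed by harmless markup.
CLEAN_GIF = b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff;"
MARKUP_GIF = b"GIF89a<html><body>constructed test marker</body></html>"

if __name__ == "__main__":
    print(check_upload("avatar.gif", CLEAN_GIF))
    print(check_upload("avatar.gif", MARKUP_GIF))
    print(download_headers("avatar.gif"))
```

Serving uploads from a separate domain that carries no admin session removes what the script in the picture would otherwise ride on.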

So I say that XSS will certainly be an important class of attack in the future, not as tasteless as everyone says. The key is whether you have this idea! Combined with social engineering, the passive even becomes active!

From: http://s0n9.blog.sohu.com/