Random number generator and input name linebreaks can be used to send custom data to other sites

Type opera
Reporter Opera
Modified 2009-06-10T00:00:00


Input names can contain line breaks when data is sent using POST. Suitable use of the random number generator can reveal predictable boundaries that will be used when sending the POST data. These can be combined to add extra boundaries into the data, containing payloads that may confuse the receiving server or be used for XSRF.

Suitable monitoring of the change in the state of the random number generator before and after loading other pages might reveal which scripts have been executed and thus the user's login status.
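The serialization issue described above, as an added example (not Opera's code and not taken from the advisory): a multipart/form-data encoder that escapes CR, LF and double quotes in field names, the escaping the HTML Standard specifies for such names, and takes its boundary from a CSPRNG. The function names, the `escape` switch and the sample field name are assumptions made for illustration.

```python
import secrets


def new_boundary() -> str:
    # Boundary drawn from the OS CSPRNG, so it cannot be inferred from a
    # script-visible random number generator.
    return "----example" + secrets.token_hex(16)


def escape_name(name: str) -> str:
    # A field name must never be able to end its own header line.
    return name.replace("\r", "%0D").replace("\n", "%0A").replace('"', "%22")


def encode_multipart(fields, boundary: str, escape: bool = True) -> bytes:
    """Serialize (name, value) pairs. escape=False reproduces the flawed
    behaviour described above and exists only for comparison."""
    out = []
    for name, value in fields:
        if escape:
            name = escape_name(name)
        out.append(
            f"--{boundary}\r\n"
            f'Content-Disposition: form-data; name="{name}"\r\n\r\n'
            f"{value}\r\n"
        )
    out.append(f"--{boundary}--\r\n")
    return "".join(out).encode("utf-8")


def count_parts(body: bytes, boundary: str) -> int:
    # Count delimiter lines the way a receiving parser sees them
    # (the closing "--boundary--" line is not a part delimiter).
    delim = b"--" + boundary.encode("utf-8")
    return sum(1 for line in body.split(b"\r\n") if line == delim)


def demo():
    boundary = new_boundary()
    # Constructed input: ONE form field whose name contains line breaks
    # around a copy of the delimiter.
    fields = [(f"a\r\n--{boundary}\r\nb", "1")]
    unescaped = count_parts(encode_multipart(fields, boundary, escape=False), boundary)
    escaped = count_parts(encode_multipart(fields, boundary), boundary)
    return unescaped, escaped  # parts seen by the server for one submitted field


if __name__ == "__main__":
    print(demo())
```

A server that receives more parts than the form has fields, as in the unescaped case, is seeing the symptom this advisory describes.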