From: Kevin Spett (kspett@spidynamics.com)
Date: Wed Aug 07 2002 - 15:37:34 EDT
If you were really trying to exploit an XSS issue, you wouldn't make a pop-up
box... people just use that to test for it. You would do something like
silently send an HTTP request containing the cookie value to another site,
so that the person (or program) at the other end would be able to hijack the
session.
Kevin Spett
SPI Dynamics, Inc.
http://www.spidynamics.com/
----- Original Message -----
From: "Matt Andreko" <mandreko@ori.net>
To: "'Bill Pennington'" <billp@boarder.org>; <pen-test@securityfocus.com>
Sent: Tuesday, August 06, 2002 5:56 PM
Subject: RE: Cross Site Scripting Vulnerabilities - XSS
> I am kinda new to XSS, but am intrigued by how it works. I have found
> sometimes you can get javascript messages to pop up and such, but if
> it's not being stored in a database, what good is it?
>
> Take for example Iwillusa.com (a motherboard maker's website). They
> have a product page that I saw had some html in the URL:
> http://www.iwillusa.com/products/spec.asp?ModelName=DVD266>u</i>-RN&SupportID=
> I edited it and it became:
> http://www.iwillusa.com/products/spec.asp?ModelName=DVD266u-RN