Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: Bypassing of web filters by using ASCII



;-)

> -----Original Message-----
> From: Kurt Huwig [mailto:k.huwig@xxxxxxxxx] 
> Sent: Thursday, June 22, 2006 4:35 AM
> To: RSnake
> Cc: bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Re: Bypassing of web filters by using ASCII
> 
> RSnake schrieb:
> > 
> >     Jeremiah Grossman and I were able to get a proof of concept
> > working based off of Kurt's work that actually runs a simple piece of
> > JavaScript in IE, without using open or close angle brackets.  Here's
> > the link to the post:
> > 
> > http://ha.ckers.org/blog/20060621/us-ascii-xss-part-2/
> > 
> >     I concur that it would be very likely that this would pass
> > through almost all the content filters known to date, although the
> > likelihood of exploit is fairly low for any given website, given the
> > encoding needed (US-ASCII).  This is more relevant to perhaps injecting
> > JavaScript from remote locations by which you have control and bypassing
> > AV or content filtering products that otherwise would restrict malicious
> > JavaScript.
> 
> I was able to get your example working on a normal HTTP server by adding
> this to the <head>er:
> 
> <meta http-equiv="Content-Type" content="text/html; charset=US-ASCII" />
> 
> Demo page is here:
> 
> http://www.iku-ag.de/ascii.cgi.htm
> -- 
> Kurt Huwig             iKu Systemhaus AG        http://www.iku-ag.de/
> Vorstand               Am Römerkastell 4        Telefon 0681/96751-0
>                        66121 Saarbrücken        Telefax 0681/96751-66
> GnuPG 1024D/99DD9468 64B1 0C5B 82BC E16E 8940  EB6D 4C32 F908 99DD 9468
> 
> 
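A filter-side check for the condition discussed in the thread above, as an added example that is not part of the original messages: it flags a document that declares US-ASCII yet contains bytes above 0x7F, and shows what a parser that drops the high bit would see. The function names, the 7-bit masking model of the lenient decoder, and the sample document (benign markup only) are assumptions constructed for illustration.

```python
import re

# Matches a US-ASCII charset declaration in a Content-Type header value or in
# a <meta http-equiv> tag like the one quoted in the message above.
US_ASCII_DECL = re.compile(rb"charset\s*=\s*[\"']?\s*us-ascii", re.IGNORECASE)
MARKUP_CHARS = b"<>\"'&"

# Constructed sample: the meta tag from the thread followed by benign markup
# whose angle brackets have the high bit set (0xBC and 0xBE).
SAMPLE = (b'<meta http-equiv="Content-Type" content="text/html; '
          b'charset=US-ASCII" />\n' + b"\xbcb\xbebold\xbc/b\xbe\n")


def declares_us_ascii(body: bytes, content_type: str = "") -> bool:
    """True if the HTTP header or the document itself declares US-ASCII."""
    header = content_type.encode("latin-1", "replace")
    return bool(US_ASCII_DECL.search(header) or US_ASCII_DECL.search(body))


def seven_bit_view(body: bytes) -> bytes:
    """Bytes as seen by a parser that ignores the high bit (assumed model of
    the lenient US-ASCII decoding the thread relies on)."""
    return bytes(b & 0x7F for b in body)


def audit(body: bytes, content_type: str = "") -> dict:
    """Report high-bit bytes and whether any of them become markup-significant
    characters once the high bit is dropped."""
    high = [i for i, b in enumerate(body) if b >= 0x80]
    hidden = [i for i in high if (body[i] & 0x7F) in MARKUP_CHARS]
    us_ascii = declares_us_ascii(body, content_type)
    return {
        "declares_us_ascii": us_ascii,
        "high_bit_bytes": len(high),
        "hidden_markup_offsets": hidden,
        # Genuine US-ASCII never contains bytes >= 0x80, so reject outright.
        "block": us_ascii and bool(high),
        # Scan this form with the existing filter rules, not the raw bytes.
        "normalized": seven_bit_view(body) if us_ascii else body,
    }


if __name__ == "__main__":
    report = audit(SAMPLE)
    print(report["block"], report["hidden_markup_offsets"])
    print(report["normalized"].decode("ascii"))
```

Rejecting on `block` is the simpler policy; where documents must be passed through, run the existing filter over `normalized` so it inspects the same characters the lenient decoder would produce.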




 




Copyright © Lexa Software, 1996-2009.