
List:       full-disclosure
Subject:    Re: [Full-disclosure] Redirectors: the phantom menace
From:       Sébastien_Duquette <ekse.0x () gmail ! com>
Date:       2010-06-27 21:53:43
Message-ID: AANLkTinTG8vvqgloEfsFWkSsip4HOyHaqB0Or_udomGy () mail ! gmail ! com

It took me until half the post to realize this wasn't posted by
MusntLive but by the original MustLive. With a title like that, I
assumed it was some kind of mockery. Sometimes reality is stranger
than fiction...

On Sun, Jun 27, 2010 at 4:45 PM, MustLive <mustlive@websecurity.com.ua> wrote:
> Hello participants of Full-Disclosure!
>
> Additional information for those who have read my article (and those who
> still haven't can do so) Redirectors: the phantom menace
> (http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070901.html).
>
> In addition to the previous 12 attacks via open redirectors, this year I added
> three new attacks (and will soon add more).
>
> In addition to the aforementioned attacks, redirectors can also be used:
>
> - For conducting XSS attacks via PDF files, which I wrote about in my post
> regarding Script Injection in Adobe Acrobat
> (http://www.webappsec.org/lists/websecurity/archive/2010-01/msg00049.html).
>
> - For conducting DoS attacks on browsers via redirection to a mailto: URL,
> which I wrote about in my post DoS in Firefox, Internet Explorer, Chrome, Opera
> and other browsers (http://websecurity.com.ua/4206/). This concerns both
> open redirectors and closed redirectors
> (http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070901.html).
>
> - For bypassing restrictions on URLs in HTML Injection attacks,
> particularly Link Injection, as in the case of the vulnerability at news.yahoo.com
> (http://websecurity.com.ua/3723/). In contrast to the bypass of protection
> filters using closed redirectors (attack #10), in this case it is not an
> external redirector that is used, but an internal one (at this site, or at a site
> from the allowed list).
>
> Best wishes & regards,
> MustLive
> Administrator of Websecurity web site
> http://websecurity.com.ua
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
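
Added example, not part of either message above: a defensive filter for user-supplied links that covers two cases from the quoted list, a mailto: destination and a link to an allow-listed host that carries a second destination in a parameter (the internal-redirector case). The host names, the function names and the "reject anything that looks like a nested URL" policy are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_HOSTS = {"news.example.com", "www.example.com"}  # constructed allow-list

# A value starting with "scheme:" or "//" can serve as a redirect destination.
# Deliberately conservative: a value such as "note: x" is flagged as well.
_TARGET_RE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\]{2})", re.I)

def _decode(value, rounds=3):
    """Undo nested percent-encoding (bounded) so %253A still ends up as ':'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def nested_targets(url):
    """Return (name, value) query/fragment parameters whose value is a URL."""
    parts = urlsplit(url)
    found = []
    for raw in (parts.query, parts.fragment):
        for name, value in parse_qsl(raw, keep_blank_values=True):
            value = _decode(value)
            if _TARGET_RE.match(value):
                found.append((name, value))
    return found

def check_link(url):
    """Classify a user-supplied link as ('allow' | 'reject', reason)."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return ("reject", "malformed")
    if parts.scheme not in ALLOWED_SCHEMES:
        return ("reject", "scheme")      # mailto:, javascript:, data:, relative
    if (parts.hostname or "").lower() not in ALLOWED_HOSTS:
        return ("reject", "host")
    if nested_targets(url.strip()):
        return ("reject", "nested-url")  # allowed host that may forward off-site
    return ("allow", "ok")
```

A host-only allow-list passes the fourth and fifth test inputs below; the nested-parameter check is what catches them. Redirect endpoints the site really needs should be exempted by exact path and should validate their own destination server-side.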
