User Agent XSS anyone?
Posted by Zack Payton on Apr 22
Hi all,
I was just curious if anyone was aware of any interesting ways to
exploit user-agent based xss.
I suppose it would be easy in conjunction with HTTP response
splitting, but is anyone aware of any other vectors beside those
present in custom browser extensions?
I am interested in…
Re: User Agent XSS anyone?
Posted by Robin Wood on Apr 24
2009/4/22 Zack Payton <zpayton_at_gmail.com>:
> Hi all,
>
> I was just curious if anyone was aware of any interesting ways to
> exploit user-agent based xss.
> I suppose it would be easy in conjunction with HTTP response
> splitting, but is anyone aware of any…
URL: http://seclists.org/pen-test/2009/Apr/0136.html
Re: User Agent XSS anyone?
Posted by Morning Wood on Apr 24
here is one I discovered quite some time ago
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-06/0257.html
UA XSS is particularly nasty in apps that format logs in html
(a simple registry edit was used to change the UA in IE)
----- Original Message -----
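
Added example, not part of the original thread: a log-to-HTML report formatter showing the case raised in the post above, where a logged User-Agent ends up in report markup, with the unescaped row builder next to an escaped one. The log lines, regular expression and function names are constructed for illustration and assume Apache "combined" log format.

```python
import html
import re

# Constructed access-log lines in Apache "combined" format (not from the thread).
SAMPLE_LOG = [
    '203.0.113.7 - - [24/Apr/2009:10:01:02 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/4.0 (compatible; MSIE 6.0)"',
    '203.0.113.9 - - [24/Apr/2009:10:01:05 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"<script>alert(1)</script>"',
]

# The User-Agent is the last quoted field; the greedy match runs to the final quote.
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>.*)"$'
)

def parse(line):
    """Return the fields of one combined-format line, or None if it does not match."""
    m = COMBINED.match(line)
    return m.groupdict() if m else None

def row_unsafe(rec):
    # Before: the client-supplied User-Agent is written into the markup verbatim,
    # so it is interpreted as HTML by whoever opens the report.
    return "<tr><td>%s</td><td>%s</td></tr>" % (rec["ip"], rec["ua"])

def row_safe(rec):
    # After: every logged field is HTML-escaped at output time. The request line
    # and Referer are client-controlled too, so they get the same treatment.
    cells = (rec["ip"], rec["ts"], rec["req"], rec["status"], rec["ref"], rec["ua"])
    return "<tr>" + "".join(
        "<td>%s</td>" % html.escape(c, quote=True) for c in cells
    ) + "</tr>"

def render_report(lines, row=row_safe):
    """Build an HTML table from log lines, skipping lines that fail to parse."""
    rows = [row(r) for r in map(parse, lines) if r is not None]
    return "<table>\n" + "\n".join(rows) + "\n</table>"

if __name__ == "__main__":
    print(render_report(SAMPLE_LOG))
```
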
Re: User Agent XSS anyone?
Posted by Luca Carettoni on Apr 25
On Wednesday 22 April 2009, Zack Payton wrote:
> Hi all,
>
> I was just curious if anyone was aware of any interesting ways to
> exploit user-agent based xss.
> I suppose it would be easy in conjunction with HTTP response
> splitting, but is anyone aware of any other…
URL: http://seclists.org/pen-test/2009/Apr/0155.html
Re: User Agent XSS anyone?
Posted by Zack Payton on Apr 27
Arian,
I was hoping for a good technique for being able to modify the user
agent from JavaScript even if the server isn’t susceptible to
response splitting.
Essentially, I have a web app that generates a web page and displays
the user agent back to the client.
I will take a look at the…
URL: http://seclists.org/pen-test/2009/Apr/0172.html