you see you are arguing how useful xss can be for an attacker, but the point of this argument is <br><br>1) how hard is it find xss in applications<br>2) how hard it is to successfully exploit the vulnerability <br><br>compared to other vulnerabilities xss is way down on the scale
<br><br>i also believe this is what pdp wanted to argue as he believes xss is on the same scale as other bugs following 1 and 2 <br><br><div class="gmail_quote">On Nov 4, 2007 2:28 PM, <<a href="mailto:nexus@playhack.net">
nexus@playhack.net</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><div class="Ih2E3d">
<br>reepex wrote:<br>> 1) XSS isnt techincal no matter how its used<br></div>I totally disagree with you.. isn't technical for those who cannot<br>realize how much powerful can be a xss, especially if persistent.<br>
<div class="Ih2E3d"><br>> 2) people who use xss on pentests/real hacking/anything but phishing are<br>> lame and only use it because they cannot write real exploits (non-web) or<br>> couldnt find any other web bugs (sql injection, cmd exec,file include,
<br>> whatever)<br></div>Imho the pentesting will move day by day closer to web applications<br>flaws testing, since the web applications are self written by webmasters<br>and more exposed to possible bugs. Concerning sql inj or rfi are not
<br>more difficult to be discovered..<br><div class="Ih2E3d"><br>> 3) XSS does not have a place on this list or any other security list and i<br>> remember when the idea of making a seperate bugtraq for xss was proposed and
<br>> i still think it should be done.<br></div>Dunno about that, even if i agree that all the xss flaws found should<br>not be reported here, they would be too much.<br><div class="Ih2E3d"><br>> 4) if you go into a pentest/audit and all you get out is xss then its a
<br>> failed pentest and the customer should get a refund.<br></div>I don't agree with this too for the same reasons as before.<br><div class="Ih2E3d"><br>> 5) publishing xss shows your weakness and that you dont have the ability to
<br>> find actual bugs ( b/c xss isnt a vuln its crap )<br></div>Imho a xss is a vuln as much as the others, since if used smartly could<br>get quite dangerous.<br><br>Reading a report from zone-h i read that the most effective hacking
<br>cause it's the xss.. i don't know if i shall agree with this, but<br>obviously it should make us think about it.<br><br>bye<br><br>/nexus<br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.4.7 (GNU/Linux)<br>
<br>iD8DBQFHLitaVVYXVqV+ctMRAkcEAKCLXroIu80OemE/m/voaN4iczrJigCfTH3Q<br>EJOb41+Eex4lFNy1AHJ9xhE=<br>=ICJh<br>-----END PGP SIGNATURE-----<br></blockquote></div><br>