No XSS warning here.
Posted: Tue Jan 19, 2010 6:28 pm
by nagan
http://emuasylum.com/forums/z/rs/files. ... 1&s=103809
Displayed as only a rapidshare link. Or was it really a harmless one?
Re: No XSS warning here.
Posted: Tue Jan 19, 2010 6:56 pm
by Giorgio Maone
There's no XSS that I can see there.
It just seems a quite accurate phishing copy, even though you can tell it's not rapidshare by just checking the address bar, which is the bare minimum against phishing.
Re: No XSS warning here.
Posted: Wed Jan 20, 2010 4:07 pm
by nagan
Hi,
Could you tell the difference between an xss attack and the one above (for educative interest)? Earlier I used to get NS xss warnings on similar sites which had similar non-Rapidshare addresses and were trying to phish.
If a guy is half asleep, he is gone!
Re: No XSS warning here.
Posted: Wed Jan 20, 2010 4:13 pm
by Giorgio Maone
nagan wrote: Hi,
Could you tell the difference between an xss attack and the one above (for educative interest)?
If Rapidshare has an XSS vulnerability, an attacker could show you an identical page
with a rapidshare.com URL in your address bar.
At that point, even if you're fully awake, you can't tell the difference.
Furthermore, if you're already logged in, or you enabled the "remember me" feature, or you've got the browser's password-completion feature enabled, your credentials are gone even if you're not shown the page (e.g. if it's loaded in a hidden IFRAME), let alone interact with it.
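The distinction drawn in this thread, as an added example that is not part of the original posts and is not NoScript's code: a link to a copy on a foreign host is visible in the address bar, while a cross-site request that carries markup to the trusted host is the case an XSS filter is concerned with. The host `sharehost.example` (standing in for the real site), the sample URLs and the `MARKUP` heuristic are all constructed assumptions.

```javascript
// Added illustration. TRUSTED_HOST and every URL below are constructed.
const TRUSTED_HOST = "sharehost.example";

// True when the host is the trusted domain or one of its subdomains.
function isTrustedHost(host) {
  return host === TRUSTED_HOST || host.endsWith("." + TRUSTED_HOST);
}

// Rough stand-in for "this value looks like HTML or script".
// A real filter is far more thorough; this is an assumption for the demo.
const MARKUP = /<\s*\/?\s*[a-z!]|javascript:|\bon[a-z]+\s*=/i;

// searchParams yields already-decoded values, so %3Cscript%3E is seen as <script>.
function carriesMarkup(url) {
  for (const [, value] of url.searchParams) {
    if (MARKUP.test(value)) return true;
  }
  return false;
}

// linkUrl: where the click leads. sourceUrl: the page holding the link.
function classify(linkUrl, sourceUrl) {
  const link = new URL(linkUrl);
  const source = new URL(sourceUrl);
  if (!isTrustedHost(link.hostname)) {
    // However accurate the copy looks, the address bar shows another host.
    return "foreign-host";
  }
  // The destination really is the trusted site. The risky case is a request
  // coming from another site that tries to push markup into the page.
  const crossSite = !isTrustedHost(source.hostname);
  if (crossSite && carriesMarkup(link)) return "cross-site-markup";
  return "trusted-host";
}

const FORUM = "http://forum.example.org/thread/42";
console.log(classify("http://files.example.net/z/rs/files/1/a.rar.html", FORUM));
console.log(classify("http://sharehost.example/find?q=%3Cscript%3Ex%3C%2Fscript%3E", FORUM));
console.log(classify("http://sharehost.example/files/1/a.rar", FORUM));
```

Only the second link is a candidate for an XSS warning; the first is caught by reading the address bar, which is why no warning appeared for it.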