[Owasp-testing] HTTP TRACK and WEBDAV

[gsiere at comcast.net]

I like it!  Just...what do you call this?? 
 
Cross Site Script Abuse?
Cross Site Function Stealing?
Cross Site Script Overloading?

-George

-------------- Original message -------------- 
From: "Dave van Stein" <dvstein at gmail.com> 

Talking about new thing/ways to test .. Did anybody see this blog:
http://0x000000.com/index.php?i=590&bin=1001001110

It's about using existing, available .js or other resource for generating XSS and thus bypassing 'script filtering' and other blacklisting methods ...

Very interesting and also something to at least mention in the manual ?

Dave



 
2008/6/9 <gsiere at comcast.net>:

All,

Ref HTTP Method Section 4.3.8

Has anyone seen HTTP "TRACK" method enabled when "TRACE" was not?  Would it make sense to test for "TRACK" separately?  From what I've seen, TRACK behaves pretty much like TRACE - so you should be able to get an XST attack from it -  but I've only seen both or none.  I guess it might be a way to circumvent an ACL or filter if TRACE is prohibited?

Also, how about all the WEBDAV methods like LOCK, COPY, MOVE, etc?  http://www.webdav.org/specs/rfc2518.html#rfc.section.4.4

Is there a single method you can check to see if WEBDAV is enabled at all (like maybe PROPFIND)? (assuming something like OPTIONS doesn't already tell you)?  I havn't seen this too often, and was going to research this a little but thought someone might already have some insight.

-George
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-testing/attachments/20080609/1ce34298/attachment.html 
-------------- next part --------------
An embedded message was scrubbed...
From: "Dave van Stein" <dvstein at gmail.com>
Subject: Re: [Owasp-testing] HTTP TRACK and WEBDAV
Date: Mon, 9 Jun 2008 12:33:25 +0000
Size: 691
Url: https://lists.owasp.org/pipermail/owasp-testing/attachments/20080609/1ce34298/attachment.mht