Ripe Md wrote:
> With referers (HTTP_REFERER) it is easy to take over sessions in some
> Web applications Forums (phpBB) and so on.
The natural conclusion would be that storing such session information as
part of the URL is what is evil, not the concept of the referer. It
also violates the ideal
> What if regular users are behind rotating proxies (e.g., AOL)? :-)
...or on the same network with NAT.
...or on the same network segment with no NAT... steal cookie, then
proceed to steal the victim's IP with ARP poisoning...
tim
___
Full-Disclosure
On Sun, Aug 07, 2005 at 10:54:55PM +0200, Nicolas Rachinsky wrote:
> What if the attacker is behind the same proxy?
What if regular users are behind rotating proxies (e.g., AOL)? :-)
Steve
* Vincent van Scherpenseel <[EMAIL PROTECTED]> [2005-08-07 22:41 +0200]:
> On Sunday 07 August 2005 20:27, Bipin Gautam wrote:
>
> > BUT, I remember testing it on PHPBB back then, I don't think you can
> > take over the session on that! (I may be wrong). YAP, but there are
> > LOTS of sites & appl
On Sunday 07 August 2005 20:27, Bipin Gautam wrote:
> BUT, I remember testing it on PHPBB back then, I don't think you can
> take over the session on that! (I may be wrong). YAP, but there are
> LOTS of sites & applications out there from which you can easily steal
> away sessions.
Well, if the c
This was my best kept secret! (o;
BUT, I remember testing it on PHPBB back then, I don't think you can
take over the session on that! (I may be wrong). YAP, but there are
LOTS of sites & applications out there from which you can easily steal
away sessions.
On 8/7/05, Ripe Md <[EMAIL PROTECTE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
/*
C:\>msn_fuzzer [EMAIL PROTECTED] testpasswd
[.] Resolving.: messenger.hotmail.com = 65.54.239.140
[.] Connected.: 207.46.4.25:1863
[.] HTTPS.: unauthorized (login/passwd)
[.] Disconnection..
C:\>msn_fuzzer [EMAIL PROTECTED] testpass
With referers (HTTP_REFERER) it is easy to take over sessions in some
Web applications Forums (phpBB) and so on. If a user of such an
application doesn't allow the use of cookies, the session information
is mostly transported over the URL. If somebody else places a
Hyperlink for example in a For
Similar is true in IE I guess. I think I've seen if you type...
invaliddomain.com.tld it might redirect you to
invaliddomain.com.tld.net etc. (if it happens to be a valid
domain) if the default search engine is MSN
whatever it is... it doesn't look very good to me!
On 8/6/05, Seth Brun
Similar is true in IE I guess. I think I've seen if you type...
invaliddomain.com.tld it might redirect you to
invaliddomain.com.tld.net etc.
whatever it is... it doesn't look very good to me!
On 8/6/05, Seth Brundle <[EMAIL PROTECTED]> wrote:
>
>
> -Original Message-
> From