> -----Original Message-----
> From: Justin Shin [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, July 22, 2003 8:33 PM
> To: [EMAIL PROTECTED]
> Subject: [Full-Disclosure] logically stopping xss
>
>
> i know there's a lot of stupid jokes about XSS vulns right
> now, but I was wondering if there is a
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi!
> i know there's a lot of stupid jokes about XSS vulns right
> now, but I was wondering if there is any firewall or IDS
> software that can look for suspicious GET requests ... ie.
>
> GET /vulnerablewebapp/?
Watch out! Not just GET requests
On Tue, 22 Jul 2003 23:55:24 EDT, KF <[EMAIL PROTECTED]> said:
> SecFilter "<(.|\n)+>"
> the JavaScript language can be used on the client side, which should
> replace the prohibited characters with special tags, e.g. &lt; &gt;
> &quot; etc.
What's wrong with this picture? :)
The basic problem here
- Justin Shin
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of KF
Sent: Tuesday, July 22, 2003 11:55 PM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] logically stopping xss
some random text about mod_security I forget where it came from maybe a
security
On Tue, 22 Jul 2003 23:10:12 EDT, Justin Shin said:
> see theres a gazillion xss "exploits" just sitting out there that no-one
> knows of, and no admin can keep up with all the new "exploits" for xss. I am
> just looking for suggestions, that's all. I swear, when I said I was stupid, I
> didn't mean
r suggestions, that's all. I swear, when I said I was stupid, I didn't mean I was THAT stupid :)
-- Justin Shin
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 22, 2003 11:05 PM
To: Justin Shin
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Discl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Jul 22, 2003 at 09:33:00PM -0400, Justin Shin wrote:
> i know there's a lot of stupid jokes about XSS vulns right now, but I was wondering
> if there is any firewall or IDS software that can look for suspicious GET requests
> ... ie.
>
> GET
-- Justin Shin
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 22, 2003 11:05 PM
To: Justin Shin
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] logically stopping xss
On Tue, 22 Jul 2003 21:33:00 EDT, Justin Shin <[EMAIL PROTECTED]> said:
> i know there's a lot of stupid jokes about XSS vulns right now, but I was
> wondering if there is any firewall or IDS software that can look for suspicious
> GET requests ... ie.
> GET /vulnerablewebapp/?
> I'm sure there
Actually that's really easy to implement in Apache's mod_rewrite,
look at External Program.
I did one a while back where I basically dumped Nikto into
a precompiled regexp map - it does catch quite a bit, I also use
that against PIX syslog messages.
/JE
Justin Shin wrote:
i know there's a lot of s