I have tried a few things to no avail.Is this possible?

Suppose you have two browsers open,one,Firefox browsing http://this.site.Then, say,you have Opera open on another site,http://that.site.Is there a way to link these two browsers' sessions through XSS or CSRF?

Killing Me,
cttnmth

Well... not easily and I'm only working on doing it by IP address.

The way I would do it:

Get cookie from Site A using XSS
Submit cookie to your own site registering the IP address it was submitted with
Site B (again via XSS but in different browser) requests JSON file (via <script> tag) from your site which matches up the IP address from the last request and serves a JSON file that contains the cookie data from Site A
Write the cookie data from the JSON object into document.cookies.

http://www.the-mice.co.uk/switch/ Switch/Twitch
http://code.google.com/p/dotnetids .NETIDS

use security vulns for access to local file system.

it is certainly possible if they have the same session across both browsers, although this normally wouldn't happen. i wonder if it is possible to inject a cookie into their second browser with the same session id as the first browser?

let me put some more thought into this. i've thought about it before and had a few ideas on how to do this. i'm certain it's possible

I was thinking about this earlier when I read an article about people browsing with two browsers for extra security. Aside from using an exploit to access the local file system and write a new cookie/etc for the other browser, I have no good ideas unless they visit the same site in both browsers.

I'm thinking there might be some fancy thing involving an iframe and csrf, but I'm busy drinking.

- Kyran

In my limited knowledge of this type of security, the one thing I can think of would be if the person is browsing with the browser that is NOT their 'default' browser, at which point you could open a new hidden browser using some of that magic you guys possess, at which point you would have access to both browsers.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

That's a good idea, there must be a way to trick the current browser to open a new window in the default browser, either open a site you control, or open the 'safe' browser site with an XSS vuln.

- Kyran

I rather put my money on stealing it between two tabs then two browsers.

I was trying to steal cookies using XSS from Opera via Firefox.No go,so far.

If I can get something working,I will let you all know.

Cheers,
cttnmth

if you're in a M$ world, did you try the %-URL-vulnerability?

@ntp - yes you can swap/inject cookies (specifically session id's) between browsers with no problems.

As for stealing them between browsers, you need to find a persitant xss hole which you can leverage as a storage point in the code to hide and retreive the session id (which is why you should always bind the cookie to an IP and Browser string at the minumum).

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'