Sla.ckers.org
Q and A on cross-site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For session fixation, hijacking, lockout, replay, session riding, etc.
XST is still possible as of today?
Posted by: acemutha
Date: October 01, 2007 11:11AM

Hi, I'd like to ask if it is still possible to exploit an XST attack via some vectors, like xmldom/xmlhttp, action scripts or others...

The browsers I'm referring to are the latest Firefox 2.x and IE 7.x

Thx in advance.

Re: XST is still possible as of today?
Date: October 04, 2007 10:36PM

Not sure if perhaps I am missing something, but generally as long as TRACE has not been disabled within a server, and some form of a cross-site scripting vulnerability exists then cross-site tracing is still possible. I know it still works for Internet Explorer 7.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

Re: XST is still possible as of today?
Posted by: kuza55
Date: October 05, 2007 12:03AM

Awesome AnDrEw Wrote:
-------------------------------------------------------
> Not sure if perhaps I am missing something, but
> generally as long as TRACE has not been disabled
> within a server, and some form of a cross-site
> scripting vulnerability exists then cross-site
> tracing is still possible. I know it still works
> for Internet Explorer 7.


Ummm, do you have some PoC code you could post? Because last I checked this was fixed in the latest browsers.....

----------------------------------------------------------
Don't forget our IRC: irc://irc.irchighway.net/#slackers
[kuza55.blogspot.com]

Re: XST is still possible as of today?
Posted by: jamuse
Date: October 08, 2007 04:03PM

It was fixed in the latest browsers, but there seems to be a workaround that Amit Klein came up with. By adding some white space before the method, you can bypass the TRACE restriction in IE. For more details see:

http://jeremiahgrossman.blogspot.com/2007/04/xst-lives-bypassing-httponly.html

Re: XST is still possible as of today?
Posted by: kuza55
Date: October 08, 2007 06:17PM

That only works in IE6 to be specific, and considering that Microsoft is rolling out IE7 as a critical update (i.e. it's going to non-legit copies of Windows as well), I think that the value of any attacks against IE6 is rather low atm.

----------------------------------------------------------
Don't forget our IRC: irc://irc.irchighway.net/#slackers
[kuza55.blogspot.com]

Re: XST is still possible as of today?
Posted by: Coded32
Date: June 16, 2013 01:21AM

Is there any POC code available? One is via the pr0ceed team, but they didn't share much but a video on their YT channel -> http://tube.7s-b.com/Pr0ceed/
This has been proved to exist in browsers beyond IE 6.0 till IE 7.x SP2

Just need POC code with end results for penetration test.

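The server-side precondition named in the thread (TRACE not disabled) can be audited on a server you operate, independent of any browser behaviour. The following is an added example, not code from any poster: the `X-Trace-Audit` header name, the marker value and both sample responses are constructed for illustration.

```python
import socket
import ssl

MARKER = "audit-7f3a"  # constructed marker value, harmless

def build_probe(host: str, marker: str = MARKER) -> bytes:
    """TRACE request carrying a marker header (header name is made up)."""
    return (f"TRACE / HTTP/1.1\r\nHost: {host}\r\n"
            f"X-Trace-Audit: {marker}\r\nConnection: close\r\n\r\n").encode("ascii")

def classify(raw: bytes, marker: str = MARKER) -> str:
    """Return 'echoes', 'rejected' or 'inconclusive' for a raw HTTP response."""
    head, _, body = raw.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n")[0].split(None, 2)
    if len(parts) < 2 or not parts[0].startswith(b"HTTP/") or not parts[1].isdigit():
        return "inconclusive"
    status = int(parts[1])
    # A server with TRACE enabled reflects the request, headers included.
    if status == 200 and marker.encode("ascii") in body:
        return "echoes"
    # Typical answers once TRACE is disabled or filtered.
    if status in (403, 405, 501):
        return "rejected"
    # e.g. a 200 page where an application treated TRACE like GET.
    return "inconclusive"

def probe(host: str, port: int = 80, tls: bool = False, timeout: float = 5.0) -> str:
    """Send the probe to a server you administer and classify the answer."""
    sock = socket.create_connection((host, port), timeout=timeout)
    if tls:
        sock = ssl.create_default_context().wrap_socket(sock, server_hostname=host)
    with sock:
        sock.sendall(build_probe(host))
        chunks = []
        while (data := sock.recv(4096)):
            chunks.append(data)
    return classify(b"".join(chunks))

# Constructed sample responses so the classifier can be exercised offline.
ECHO_SAMPLE = (b"HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n"
               b"TRACE / HTTP/1.1\r\nHost: www.example.test\r\n"
               b"X-Trace-Audit: audit-7f3a\r\nCookie: session=constructed\r\n\r\n")
REJECT_SAMPLE = b"HTTP/1.1 405 Method Not Allowed\r\nAllow: GET, HEAD, POST\r\n\r\n"
PLAIN_200_SAMPLE = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>home</html>"

if __name__ == "__main__":
    for name, sample in (("echo", ECHO_SAMPLE), ("reject", REJECT_SAMPLE)):
        print(name, classify(sample))
```

A result of `echoes` means the server still reflects request headers and TRACE should be disabled there; `inconclusive` calls for a manual look at the response.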