Jump to content

Dangerous exploit on weather underground (wunderground.com)

speaker219

By speaker219
in Miscellaneous

 Share

Recommended Posts

Daniel0 Advanced Member

Daniel0

Posted
Posted

Just so you know, you can always execute arbitrary Javascript on any web page. (Firebug is an easy place to start) It's when you can make the server do silly things that you would consider it a security problem.

 

The point in the above is that if you can get a user to click the link, then YOU choose what Javascript that should be executed. You could e.g. send document.cookie data to another page where some sort of harvester script is. In that way you can steal a user's cookies and possibly log in as that user using those cookies. That's called a Type-1 XSS attack.

 

Example from Wikipedia:

  1. Alice often visits a particular website, which is hosted by Bob. Bob's website allows Alice to log in with a username/password pair and store sensitive information, such as billing information.

  2. Mallory observes that Bob's website contains a reflected XSS vulnerability.

  3. Mallory crafts a URL to exploit the vulnerability, and sends Alice an email, making it look as if it came from Bob (ie. the email is spoofed).

  4. Alice visits the URL provided by Mallory while logged into Bob's website.

  5. The malicious script embedded in the URL executes in Alice's browser, as if it came directly from Bob's server. The script steals sensitive information (authentication credentials, billing info, etc) and sends this to Mallory's web server without Alice's knowledge.

Link to comment
Share on other sites
speaker219 Member

speaker219

Posted
  • Author
Posted

The point is that a scammer could use this to disguise himself as a ligitimate site on Weather Underground.

See the definition of XSS:

Cross site scripting (XSS) is a type of computer security exploit where information from one context, where it is not trusted, can be inserted into another context, where it is. From the trusted context, an attack can be launched

Link to comment
Share on other sites
Azu Advanced Member

Azu

Posted
Posted

Just so you know, you can always execute arbitrary Javascript on any web page. (Firebug is an easy place to start) It's when you can make the server do silly things that you would consider it a security problem.

I bet you can't make someone run arbitrary Javascript on MY website from just clicking a link..

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.