Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Bugtraq: Re: Linksys WRT54 GL - Session riding (CSRF)

Re: Linksys WRT54 GL - Session riding (CSRF)

From: J. Oquendo <sil_at_infiltrated.net>
Date: Mon, 14 Jan 2008 12:31:41 -0500

> | Isn't your exploit somewhat complicated? Just put
> |
> | <img
> src="http://192.0.2.1/level/15/configure/-/enable/secret/mypassword"/>
> |
> | on a web page, and trick the victim to visit it while he or she is
> | logged into the Cisco router at 192.0.2.1 over HTTP. This has been
> | dubbed "Cross-Site Request Forgery" a couple of years ago, but the
> | authors of RFC 2109 were already aware of it in 1997.

With an swf file using php one wouldn't need to trick someone entirely,
just hope they don't have a pop up blocker

http://www.infiltrated.net/nojava.pimp 

-- 
====================================================
J. Oquendo
SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)
wget -qO - www.infiltrated.net/sig|perl
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E

Received on Jan 14 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]