Home page logo
  • Nmap Security Scanner
  • Security Lists
  • Security Tools
  • Site News
  • Advertising
  • About/Contact
  • Sponsors:



/

fulldisclosure logo Full Disclosure mailing list archives

Re: Question regarding script vulnerabilities
From: Philip Whitehouse <philip () whiuk com>
Date: Thu, 20 Dec 2012 13:00:08 +0000
Malicious scripts are generally designed to one of two targets:

1) The user-base of the target.

An XSS vulnerability typically gives you the ability to hijack a users browser, possibly allowing remote code execution 
on their machine or intercepting keystrokes while on the site. In addition to allowing your users (and admins) data to 
be harvested you suffer reputational damage.

2) Remote code targeting the actual site. 

If the file has permissions, it could delete files on the server.

So now we have established the purpose, let's consider deployment:

1) File upload.

Many websites deliberately allow file upload (avatars on forums, images for blog posts, shared files and so forth). If 
not correctly sanitised there is little stopping them uploading a server side script, client side script or other 
nefarious file.

Incidentally this was the main threat of the image exploit - websites couldn't guarantee uploaded avatars didn't 
contain executable code.

2) Script tags

Typically forums will sanitise text to remove script tags. Blogs are often less punitive. If anyone can upload HTML raw 
then via privilege escalation or hijack there is the potential for an attacker.

To be honest if you even slightly suspected your host, you're screwed - malicious scripts are the least of your 
problems...

Philip Whitehouse

On 19 Dec 2012, at 05:25, Rand McRanderson <therandshow () gmail com> wrote:


I was curious, if you have a virtual dedicated server or a dedicated server, and a reasonably trustworthy hosting 
service, are malicious scripts planted by external people a big concern? If so why?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]