• Welcome to Valhalla Legends Archive.
 

Javascript Injection

Started by iago, February 20, 2004, 12:01 PM

Previous topic - Next topic

iago

I found a way to inject javascript into our software that I can't really resolve.  I need to demonstrate to somebody what the security consequences are.  

Can somebody remind me how to use it to grab a cookie from a user?  Thanks :)
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Banana fanna fo fanna


iago

Quote from: St0rm.iD on February 20, 2004, 02:00 PM
document.cookie?

That's all I needed to know; stupid javascript :)
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*