Comments on: Snippets of defense Pt.II

By: Content Injection: Hack the Hacker | GNUCITIZEN

Content Injection: Hack the Hacker | GNUCITIZEN — Mon, 08 Mar 2010 12:18:55 +0000

[...] blocking etc). Check out some of Mario’s code snippets of defense for the idea: here, here, here, and [...]

By: Content Injection: Hack the Hacker » Inking's Security Blog

Content Injection: Hack the Hacker » Inking's Security Blog — Fri, 11 Apr 2008 14:51:36 +0000

[...] logging, blocking etc). Check out some of Marioâ€™s code snippets of defense for the idea: here, here, here, and [...]

By: clinisbut

clinisbut — Mon, 15 Oct 2007 12:00:13 +0000

Ah… I understand, only lefts find a way to execute that eval(window.name) in the other website isn’t it?

By: Mario Heiderich

Mario Heiderich — Mon, 15 Oct 2007 09:39:31 +0000

You can use Firebug/the JS console to do this. Just navigate to an arbitrary site, use the console and enter window.name = ‘alert(“hello “)’. Then navigate to another site and open the console again. Enter eval.name and it’ll work.

By: pdp

pdp — Mon, 15 Oct 2007 09:10:47 +0000

first of all you need to set it!

By: clinisbut

clinisbut — Mon, 15 Oct 2007 07:17:40 +0000

I don’t understand at all what’s the possible attack… ’cause the alert(name) doesn’t outputs anything to me on firefox 2.07

I’m trying to alert( window.name ) too but a empty alert pops up!

By: Jim

Jim — Sun, 14 Oct 2007 03:45:53 +0000

But even if you do not filter this attack correctly, I believe proper output encoding (HTML Entitly Encoding) will protect against even this kind of attack.

By: Sirw2p

Sirw2p — Sat, 13 Oct 2007 10:36:58 +0000

Good advice, many applications are still vulnerable for things like that..

Best.