Re: [Full-disclosure] Attacking the local LAN via XSS
On Friday 04 August 2006 16:06, pdp (architect) wrote:
> IMHO, if you want to do stuff on lower level, you need to think of
> something else. JavaScript, Flash and Java Applets are technologies
> that are designed to run on the WEB. This is why, IMHO, they are quite
> good platform for performing WEB/HTTP based attacks.
OK, I'm really interested what are those login web pages with default password
for admin:password I see all my network. I bet there are more than 10%
routers with open http ports.
I can attach snapshots if you buy me a beer.
The question is what where is the xss bug on major http admin panel's.
excuse my english. my bulgarian is better.
--
Nikolay Kubarelov
ICQ: 172892700
http://gramophon.com
admin@xxxxxxxxxxxxx
+359 88 631-0-634