<<< Date Index >>>     <<< Thread Index >>>

Re: Linksys WRT54 GL - Session riding (CSRF)




| Isn't your exploit somewhat complicated?  Just put
| | <img
src="http://192.0.2.1/level/15/configure/-/enable/secret/mypassword"/>
| | on a web page, and trick the victim to visit it while he or she is
| logged into the Cisco router at 192.0.2.1 over HTTP.  This has been
| dubbed "Cross-Site Request Forgery" a couple of years ago, but the
| authors of RFC 2109 were already aware of it in 1997.


With an swf file using php one wouldn't need to trick someone entirely, just hope they don't have a pop up blocker


http://www.infiltrated.net/nojava.pimp

--
====================================================
J. Oquendo

SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)

wget -qO - www.infiltrated.net/sig|perl

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature