|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 148
Members: 0
Total: 148
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Cross Site Tracing |
|
Posted: Tue Nov 25, 2008 10:26 pm |
|
|
VERTIGO |
Advanced user |
|
|
Joined: Sep 25, 2008 |
Posts: 87 |
|
|
|
|
|
|
|
If anyone has any information for Cross Site Tracing and how to explore,i will be gratfull if someone explaind these type of vulnerability |
|
|
|
|
Posted: Wed Nov 26, 2008 3:28 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
http://en.wikipedia.org/wiki/Cross-site_tracing
It's useless in most of the times. Only if you have target, which uses basic auth (or digest auth) and you have found XSS vulnerability and if you have successful in social engineering (as in case of any reflected XSS), then you may be able to steal basic auth base64-encoded username/password pair or digest auth hash. |
|
|
|
|
Posted: Wed Nov 26, 2008 6:46 pm |
|
|
VERTIGO |
Advanced user |
|
|
Joined: Sep 25, 2008 |
Posts: 87 |
|
|
|
|
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|