DOM Based XSS In AVG
Lately, I have been researching DOM based XSS a bit, and recently I found a DOM based XSS in AVG. DOM based XSS is caused by a lack of input filtering inside client-side JavaScript. Since most code is moving towards the client side, DOM based XSS has become very common nowadays. Experts predict that DOM based XSS mostly occurs in websites that rely heavily on JavaScript.
With that being said, let's take a look at the DOM based XSS POC:
The vulnerability is the result of a lack of escaping in "js_stdfull.js". The following is a screenshot of the vulnerable code causing the DOM based XSS:
// display the correct tab based on the url (#name)
var pathname = $(location).attr('href');
var urlparts = pathname.split("#");
I would like to give full credit to David Vieira-Kurz from Majorsecurity.com (@secalert) for helping me sort out the vulnerable code.
Another security researcher, David Sopas, also found the same issue, but on the English version of the site:
http://labs.davidsopas.com/2013/01/avg-vulnerable-to-dom-xss.html
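One way to handle the "#name" fragment read by the snippet above, as an added example that is not AVG's code or part of the original post: the fragment is checked against an allowlist of tab names before use, and HTML-escaped if it has to be displayed. The tab names, the example.test URLs and the function names are assumptions; the page does not show how js_stdfull.js consumes "urlparts".

```javascript
// Added example (not AVG's code): allowlist the URL fragment before it is
// used to pick a tab. Tab names and URLs below are constructed.
const KNOWN_TABS = new Set(["overview", "features", "requirements"]);
const DEFAULT_TAB = "overview";

// Same source as the page's snippet (the href), but taking everything
// after the first "#" instead of splitting on every "#".
function fragmentOf(href) {
  const i = href.indexOf("#");
  return i === -1 ? "" : href.slice(i + 1);
}

// Return a tab id that is safe to place in a selector or markup.
// Anything that is not an exact, known tab name falls back to the default.
function resolveTab(href) {
  let raw = fragmentOf(href);
  try {
    raw = decodeURIComponent(raw); // the fragment may arrive %-encoded
  } catch (e) {
    return DEFAULT_TAB;            // malformed escape sequence
  }
  return KNOWN_TABS.has(raw) ? raw : DEFAULT_TAB;
}

// For fragments that must be echoed as text, encode HTML metacharacters.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed inputs: a valid tab, markup in the fragment, encoded markup,
// a broken escape sequence, and no fragment at all.
const samples = [
  "http://example.test/product#features",
  "http://example.test/product#<b>injected</b>",
  "http://example.test/product#%3Cb%3Ex",
  "http://example.test/product#%E0%A4%A",
  "http://example.test/product",
];
for (const href of samples) {
  console.log(resolveTab(href), "|", escapeHtml(fragmentOf(href)));
}
```

Only the first sample resolves to its own tab; every other input falls back to the default tab, so no attacker-controlled text reaches a selector or the page markup.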
Rafay, you did not yet write an article on DOM XSS ... when are you writing one?
My hearty apologies, We are working on a white paper on "DOM XSS ATTACKS", which is to be released soon.
Nicely written. Dude, you are the real master of hacker world. I guess you should contact 'Anonymous'? ;) :P :D I am serious! You deserve that!
Sir. Pls post article on How to hack facebook account 2013