XSS vulnerability
heeen (Guest) #1
Subject: XSS vulnerability
http://newsboard.unclassified.de/forum/post/6750;nocount
only works with Internet Explorer, though
heeen (Guest) #2
http://ha.ckers.org/xss.html
Those are worth looking at closely; the ones using images in particular work.
Yves (Administrator) #3
User title: UNB developer & webmaster
Member since Jan 2004 · 3814 posts · Location: Erlangen, Germany
Group memberships: Administrators, Members
Problem resolved, the new version is available for download in a few seconds.
♪ ...nanananah, all in all we’re just brilliant thieves, nanananah... ♪♬
Yves (Administrator) #4
de:
Okay, this fix will only work partially. Reading through all the bugs in Internet Explorer makes you sick. I have neither the time nor the inclination to detect all 5000 possible combinations of invalid HTML just so that no JavaScript can be executed at this one spot. Then Internet Explorer is simply insecure; it was anyway, and I'm not going to change that.

en:
This fix will only partially cover the symptoms. There are still remaining situations in which JavaScript can be executed in Internet Explorer. It would take me ages to detect them all, and so Internet Explorer remains highly insecure, just as before. And increasingly unsupported. Should I block out all IE users from the forum, anyone? Hey, it's for your own good!
Yves (Administrator) #5
To be more precise: Internet Explorer 6 SP2 and Opera 9.0 are vulnerable in this, previous versions probably also, Firefox 1.5.0.4 and Internet Explorer 7 beta 2 are not.
heeen (Guest) #6
That should be relatively easy, though: first filter all non-printable characters out of the image links, including HTML-entity-encoded ones, and then filter out "javascript"?
Yves (Administrator) #7
If anyone wants to test it thoroughly: does this function work better than the one in 1.6.3?

Proposed improvement of filter function in 1.6.3:

common.lib.php:
function nojs($str)
{
    $a = $str;
    // Decode decimal numeric entities (&#106; becomes "j") so an entity-encoded
    // scheme is seen in plain form; preg_replace_callback replaces the old /e modifier
    $a = preg_replace_callback('/&#0*([0-9]+);/',
        function ($m) { return chr((int) $m[1]); }, $a);
    // Decode hexadecimal numeric entities (&#x6A; becomes "j")
    $a = preg_replace_callback('/&#x([0-9A-Fa-f]+);/',
        function ($m) { return chr(hexdec($m[1])); }, $a);
    // Strip control characters and spaces, which browsers ignore inside the scheme
    $a = preg_replace('/[\x00-\x20]/', '', $a);
    // Reject the whole value if the normalized form starts with a javascript: scheme
    if (preg_match('/^javascript:/i', $a)) return '';
    // Otherwise return the original, undecoded string unchanged
    return $str;
}
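To see what the proposed filter normalizes before it checks the scheme, here is an added example (not code from this thread or the UNB project) that runs nojs() over a few constructed image-link values and compares it with an allowlist check on the scheme; the sample URLs and the helper name safe_image_url are assumptions.

```php
<?php
// Added example, not part of the UNB project: exercise the nojs() filter
// proposed above and compare it with an allowlist check on the URL scheme.
// nojs() is repeated here (same logic as the post) so the file runs on its own.
function nojs($str)
{
    $a = $str;
    // decode decimal entities (&#106; -> "j") and hex entities (&#x6A; -> "j")
    $a = preg_replace_callback('/&#0*([0-9]+);/',
        function ($m) { return chr((int) $m[1]); }, $a);
    $a = preg_replace_callback('/&#x([0-9A-Fa-f]+);/',
        function ($m) { return chr(hexdec($m[1])); }, $a);
    // drop control characters and spaces the browser ignores inside the scheme
    $a = preg_replace('/[\x00-\x20]/', '', $a);
    // reject the whole value if the normalized form starts with javascript:
    if (preg_match('/^javascript:/i', $a)) return '';
    return $str;
}

// Allowlist variant (assumed helper name): accept only http/https after the same
// normalization, so every other scheme is rejected without having to list it.
function safe_image_url($str)
{
    $a = html_entity_decode($str, ENT_QUOTES, 'UTF-8');
    $a = preg_replace('/[\x00-\x20]/', '', $a);
    return preg_match('#^https?://#i', $a) ? $str : '';
}

// Constructed sample values: a normal link, a relative link, and the encoded
// and whitespace-padded spellings of the scheme that the filter normalizes.
$samples = [
    'http://example.com/pic.png',
    '/images/local.png',          // relative link: allowlist needs a rule for it
    'javascript:alert(1)',
    '&#106;avascript:alert(1)',
    '&#x6A;avascript:alert(1)',
    "java\tscript:alert(1)",
];

foreach ($samples as $s) {
    printf("%-28s nojs: %-5s allowlist: %s\n",
        addcslashes($s, "\t"),
        nojs($s) === '' ? 'BLOCK' : 'pass',
        safe_image_url($s) === '' ? 'BLOCK' : 'pass');
}
```

The relative link shows the trade-off: the denylist passes it unchanged, while the allowlist must be given an explicit rule for relative paths if the forum wants to allow them.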
FrogDog (Guest) #8
Just exclude Internet Explorer, and that's that.
tuzhak #9
Member since Apr 2007 · 3 posts
Group memberships: Members
More explanation in English, please.
This board is powered by the Unclassified NewsBoard software, 20110527-dev, © 2003-2011 by Yves Goergen