2025-03-29 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)05/31 Report--
In this issue, the editor walks through how to build an XSS worm on Atmail. The article is detailed and written from a professional perspective; I hope you gain something from reading it.
Preface
Atmail is a popular cloud service and e-mail hosting provider, currently used by companies, hosting providers and ISPs such as DreamHost, LegalShield (USA), m:tel (Bosnia), iiNet and Optus (Australia). As an Atmail user on DreamHost, I've seen several e-mail based XSS attacks that have impressed me while I've been focusing on bug bounty programs. I tried to find a security hole in their webmail client, and within hours I had developed a working payload, but I wanted to go further and build an old-school XSS worm. The best-known XSS worm was the one that infected MySpace in 2005, and the latest variant of the worm infected TweetDeck in 2014.
I'm going to show you how to build an XSS payload that propagates itself through the target user's contacts.
Test environment
Before we start, we need to set up a simple test environment. We can send an email with the following command, with the XSS test payload placed in the message content:
cat content | mail -a "Content-type: text/html" -s "test" victim1@zjulian.com
Next, use Firefox's developer tools to see how the XSS Payload is rendered in the DOM of the Web mail client.
Building the XSS payload
The first step is to build an XSS payload that bypasses Atmail's content filters. I started by sending an email with all valid HTML tags and then seeing whether it was delivered, although I only intended to use <img> tags. <img> tags are great for building XSS payloads, but the target user must choose to display images in Atmail before the XSS can be triggered. So we have to use tags that render content without user interaction, which improves the quality of the payload.
Next, I started to investigate how Atmail sanitizes the payload. To filter the content of the email and display syntactically correct markup in the user's browser, Atmail modifies the characters and HTML attributes in the <img> tag. After researching Atmail, I found that it only accepts the src, alt, longdesc, style, height, and width attributes. I also noticed that Atmail converts single quotes to double quotes, removes onerror events, and removes all <img> tags that do not contain a src attribute.
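The filter described above edits quotes and attributes in the raw markup. As an added example (not from the original article and not Atmail's code), here is a sanitizer that parses the tag and rebuilds it from an allowlist, so quote characters inside a value cannot turn into new attributes. The src scheme list, the omission of style, and all names in the code are assumptions of this sketch.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# <img> attributes the article lists, minus style (CSS needs its own filter; assumption).
ALLOWED_IMG_ATTRS = ("src", "alt", "longdesc", "height", "width")
ALLOWED_SRC_SCHEMES = {"http", "https", "cid"}  # assumption, not from the article
# Constructed sample: a quoted value that itself contains quote characters.
SAMPLE = '<img src="https://example.test/a.png" alt=\'x" onerror="y\' onerror="z">'

def src_ok(src):
    try:
        return urlsplit(src.strip()).scheme.lower() in ALLOWED_SRC_SCHEMES
    except ValueError:  # malformed URL
        return False

class ImgSanitizer(HTMLParser):
    """Rebuilds <img> tags from parsed attributes; never edits the raw string."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return  # every other tag is dropped in this sketch
        kept = {}
        for name, value in attrs:
            if name in ALLOWED_IMG_ATTRS and name not in kept:
                kept[name] = value or ""
        if not src_ok(kept.get("src", "")):
            return  # no usable src: drop the whole tag
        # One quoting style on output, with quotes inside values escaped.
        pairs = " ".join(f'{n}="{escape(v, quote=True)}"' for n, v in kept.items())
        self.out.append(f"<img {pairs}>")

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))

def sanitize(html_text):
    parser = ImgSanitizer()
    parser.feed(html_text)
    parser.close()
    return "".join(parser.out)

def attr_names(html_text):  # attribute names a parser sees in the given markup
    names = []
    collector = HTMLParser()
    collector.handle_starttag = lambda tag, attrs: names.extend(n for n, _ in attrs)
    collector.feed(html_text)
    return names
```

Re-parsing the output with attr_names is the useful regression check: every name it returns should be on the allowlist, whatever quoting the input used.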
Although the onerror event is removed, using both single and double quotes in the <img> tag may bypass Atmail's filtering mechanism. Obviously, this is feasible:
Here is what appears in the Web mail client: