Posts

Showing posts from May, 2012

From XSS to NT AUTHORITY

Image
A lot of times i have seen Cross-site scripting vulnerabilities classified as low impact or not significant. Thus, this time i want to show you how an attacker can get administration privileges through a simple XSS. A couple of months ago i discovered an XSS vulnerability affecting the uk website of Orange http://www.orange.co.uk . I've emailed them a month ago (and two weeks ago) regarding this vulnerability, but i haven't received any response yet. From wikipedia: Orange is the flagship brand of the France Telecom group for mobile, landline and Internet businesses, with 226 million customers as of December 2011 and, under the brand Orange Business Services, is one of the world. How i found this XSS ? When you read an article, for example this one obesity_levels_could_be_cut_with_20_fat_tax , you can see  the users comments at the bottom of the page. If a user want to leave a comment, he must log in via google, facebook etc.... Once logged, the website create a profil