
21.9.10

Twitter gets JACKED


Ed Skoudis gave a talk at Hack in the Box last year where he lamented how sad it was that SQL injection was still going on. I would like to add Cross Site Scripting to that lamentation today. I was logged into Twitter this morning and suddenly started seeing a similar "re-tweet." I jumped on the Google and saw several early write-ups saying Twitter was getting pwned. Here is the tweet I got:

www.t.co/@"onmouseover="document.getElementById('status').value='RT MiguelTarga';$('.status-update-form').submit();"class="modal-overlay"/


"onmouseover", you have got to be kidding me. I booted into a system I didn't care about and ran the cursor over the code; bang, I was retweeting. That's slick, no clicking involved. A successful stored XSS attack on a major site in 2010, awesome. Here's a quick write-up on XSS if you don't know how it works: http://en.wikipedia.org/wiki/Cross-site_scripting
I switched over to m.twitter.com to watch the rest of the action since JavaScript isn't enabled on that site. The Twitter team responded quickly and cleared everything up within a reasonable amount of time. This should help prove that social media does not belong inside your network.
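The shape of the tweet above (a double quote right after the URL-looking text, then new attributes) is what you get when link text is pasted into a quoted href without escaping. The following is an added example, not part of the original post and not Twitter's code: a hypothetical auto-linker with and without attribute escaping, run on a constructed sample with an inert handler. The function names and the assumption that the link lands in a double-quoted href are mine.

```javascript
// Added example: hypothetical auto-linker, NOT Twitter's actual code.
// Assumption: anything starting with "www." is turned into <a href="...">.
const URL_RE = /\bwww\.[^\s<>]+/g;

// Constructed sample shaped like the tweet in the post; the handler is inert.
const SAMPLE = 'look www.example.test/@"onmouseover="void(0)"class="modal-overlay"/';

// Vulnerable: the match is pasted into a double-quoted attribute as-is, so a
// `"` in the "URL" closes href and the rest is parsed as extra attributes.
function linkifyUnsafe(text) {
  return text.replace(URL_RE, (u) => `<a href="http://${u}">${u}</a>`);
}

// Escape the characters that are significant in HTML text and quoted attributes.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened: escape both the surrounding text and the matched URL before it is
// placed in the attribute and in the link body.
function linkifySafe(text) {
  let out = "";
  let last = 0;
  for (const m of text.matchAll(URL_RE)) {
    out += escapeHtml(text.slice(last, m.index));
    const u = escapeHtml(m[0]);
    out += `<a href="http://${u}">${u}</a>`;
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// Check helper: names of the quoted attributes on the first <a> tag.
// Anything other than "href" means user text escaped the attribute.
function anchorAttributes(html) {
  const tag = /<a\s([^>]*)>/.exec(html);
  if (!tag) return [];
  return [...tag[1].matchAll(/([a-zA-Z-]+)\s*=\s*"[^"]*"/g)].map((m) => m[1]);
}

console.log("unsafe:", anchorAttributes(linkifyUnsafe(SAMPLE)));
console.log("safe:  ", anchorAttributes(linkifySafe(SAMPLE)));
```

Escaping closes this one attribute-breakout path; a real linkifier should also validate the URL scheme and host before emitting the link.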
