|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Michal Zalewski (lcamtuf
dione.ids.pl)
Date: Mon Jul 02 2007 - 04:15:06 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 2 Jul 2007, Joseph Hick wrote:
> I succeeded in writing the same PoC without label with minor
> modifications.
Would that allow you to selectively redirect keystrokes (that is, check
event's keycode)? More importantly, does Carl's original example allow
that?:-)
An example of event check logic is implemented in my original POC; if you
can't redirect selectively (that is, prevent certain events from being
delivered to INPUT TYPE=FILE field), the flaw is much less severe.
(Would check that, but am at work).
/mz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]