Robert Hansen is at it again. This time he has produced a very simple exploit that will steal passwords that are stored (remembered) in the browser.The code is very simple and works a treat for Firefox.
I would recommend this over the usual XSS alert boxes the next time you are demoing cross site scripting. Try it out at http://ha.ckers.org/weird/xss-password-manager.html. I haven't tried it in any browsers besides firefox, but even if you can't read it straight out of the DOM, you could always rewrite the form action url or even hook the onsubmit call to send the username and password to a destination of your choosing.
I would recommend this over the usual XSS alert boxes the next time you are demoing cross site scripting. Try it out at http://ha.ckers.org/weird/xss-password-manager.html. I haven't tried it in any browsers besides firefox, but even if you can't read it straight out of the DOM, you could always rewrite the form action url or even hook the onsubmit call to send the username and password to a destination of your choosing.