Oops, That Wasn't Suppossed To Happen: Bypassing Internet Explorer's Cross Site Scripting Filter

Presented at BSidesLV 2014, Aug. 6, 2014, 10:35 a.m. (30 minutes).

There's a problem with Internet Explorer's anti-Reflective Cross Site Scripting filter. A problem Microsoft knows about, but has decided not to fix. Drop on by and learn a method for bypassing the anti-XSS filter in all versions of Internet Explorer.

Presenters:

• Carlos Munoz
  Carlos Munoz still considers himself relatively new to the world of Information Security, coming from the field of Mechanical Drafting & Design. For the past two and a half years he has focused on Web Application vulnerability assessment and light penetration testing,

Links:

• https://bsideslv2014.sched.com/event/1oNNWv9/oops-that-wasnt-suppossed-to-happen-bypassing-internet-explorers-cross-site-scripting-filter
• https://infocon.org/cons/Security BSides/BSides Las Vegas/BSides Las Vegas 2014/oops that wasnt suppossed to happen bypassing internet explorers cross site scripting filter ca.mp4
• https://www.youtube.com/watch?v=A8kPIr3IGjM

Similar Presentations:

• HushCon 2014 / Doors Open, People Filter In
• ToorCon San Diego 16 (2014) / Bypassing Internet Explorer's XSS Filter
• GrrCON 2018 / w.e w.e Internet Explorer Does What It Wants