Burp Suite User Forum

Create new post

How to do POC for PRSSI vulnerability

Sachin | Last updated: Aug 07, 2015 06:32AM UTC

How to do POC for PRSSI vulnerability ??

PortSwigger Agent | Last updated: Aug 10, 2015 08:02AM UTC

Please refer to our blog post for an explanation of how to exploit PRSSI vulnerabilities, including a worked example: http://blog.portswigger.net/2015/02/prssi.html

Burp User | Last updated: Sep 03, 2015 05:43AM UTC

Thanks for your response. I Had already tried this blog. could you please share more information on PRSSI Vulnerability. Thanks Sachin

Liam, PortSwigger Agent | Last updated: Sep 03, 2015 07:50AM UTC

Hi Sachin As well as the initial work by Gareth Hayes - http://www.thespanner.co.uk/2014/03/21/rpo/ - we can suggest some further research, by various authors, that has been undertaken since our blog post. https://soroush.secproject.com/blog/2015/02/non-root-relative-path-overwrite-rpo-in-iis-and-net-applications/ http://www.mbsd.jp/Whitepaper/rpo.pdf http://blog.innerht.ml/cascading-style-scripting/ Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.