Bypassing Internet Explorer’s XSS Filter

DerbyCon 4.0 - Family Rootz

Presented by: Carlos Munoz
Date: Friday September 26, 2014
Time: 19:00 - 19:50
Location: Track 1

There is a known flaw in the built-in anti-reflective Cross Site Scripting filter in Microsoft’s Internet Explorer web browser. This is a flaw that Microsoft knows about- but has decided that it will not be fixed. Bring your laptop with a Windows VM and learn how to perform this bypass.

Carlos Munoz


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats