
Figure 5.52 Session Initiated as Session ID 0
Immediately after the session is established, XSS-Proxy begins “fetching” the document root of the document.domain origin, which in this case is (see Figure 5.53):
http://us.f900.mail.yahoo.com/ym/login/.rand=5mube7lk6nic9
Figure 5.53 XSS-Proxy Loads Its Code and Starts Fetching the Site in Fragments
The attacker can now begin controlling the browser’s activity for this session from the XSS-Proxy administration panel (see Figure 5.54).
www.syngress.com
The Dark Side of the Web • Chapter 5 285