| Author |
good read |
austinator
Member

Posts: 127
Location: In your cPanel :)
Joined: 24.02.08 Rank: HBH Guru |
|
I don't know if anybody has read this but I thought it was some good info on XSS:
https://www.elitehackers.info/forums/showthread.php?p=52491
|
|
| Author |
RE: good read |
korg
Admin from hell

Posts: 1704
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06 Rank: The Master |
|
BBBBBoring...............Basic old bullshit.
I deal in pain, All life I drain, I dominate, I seal your fate.
|
|
| Author |
RE: good read |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07 Rank: God |
|
That wasn't really a good read at all. It showed painfully simple XSS, and I don't even recall it explaining how to use XSS to do any real exploiting, not even password stealing.... Hip hip hooray for the painfully useless applications of XSS 
|
|
| Author |
RE: good read |
austinator
Member

Posts: 127
Location: In your cPanel :)
Joined: 24.02.08 Rank: HBH Guru |
|
I was talking about how it covered the concept very well.
And using it in a different way than just getting cookies.
|
|
| Author |
RE: good read |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07 Rank: God |
|
|
austinator wrote:
I was talking about how it covered the concept very well.
And using it in a different way than just getting cookies.
http://keepitlocked.net/archive/2008/06/17/quot-the-spy-who-hacked-me-quot-teched-2008-demo.aspx
I know I've posted this here before, but it looks like you might find it interesting. It shows real, mostly uncovered attack vectors of XSS. Doesn't cover the coding behind it, it simply shows the attack being performed. A lot better than redirecting to a download. Woopdeedoo 
|
|
| Author |
RE: good read |
austinator
Member

Posts: 127
Location: In your cPanel :)
Joined: 24.02.08 Rank: HBH Guru |
|
Oh yeah, I've seen this before. Veeeeeeeeeeeeeeeery interesting, thanks for the link again.
|
|
| Author |
RE: good read |
Night_Stalker
Member
Posts: 329
Location:
Joined: 01.02.07 Rank: Elite Warn Level: 10
|
|
I haven't found too many sites so far that can have this done to them..
Edited by Night_Stalker on 18-08-08 02:33 |
|
| Author |
RE: good read |
spyware
Member

Posts: 4190
Location: The Netherlands
Joined: 14.04.07 Rank: God Warn Level: 90
|
|
I want my seven seconds back.
Dangers of XSS...
these day's browser keep some of the
dangers of XSS outside..
Like.. if an script want to
write/edit edit files on the computer
it needs extra permission from the user...
or by some browsers it just get blocked...
I mean, seriously?

"The chowner of property." - Zeph
Widespread intellectual and moral docility may be convenient for leaders in the short term, but it is suicidal for nations in the long term. - Carl Sagan
Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
| Author |
RE: good read |
maug
Member

Posts: 612
Location:
Joined: 20.07.08 Rank: Monster |
|
Don't forget the time it took to selectively quote and post...
I pwn kittens. |
|
| Author |
RE: good read |
Night_Stalker
Member
Posts: 329
Location:
Joined: 01.02.07 Rank: Elite Warn Level: 10
|
|
I didn't even notice all of the typos on that page until after reading Spyware's quote.. Well, I hope they are typos, because if they aren't, whoever wrote that article must be very. . .. .
uneducated... |
|
| Author |
RE: good read |
spyware
Member

Posts: 4190
Location: The Netherlands
Joined: 14.04.07 Rank: God Warn Level: 90
|
|
|
Night_Stalker wrote:
I didn't even notice all of the typos on that page until after reading Spyware's quote.. Well, I hope they are typos, because if they aren't, whoever wrote that article must be very. . .. .
uneducated...
Typos? Are you fucking kidding me?
I could care less about the typos, the informational value is BELOW OIL RESERVES.
It's sad.

"The chowner of property." - Zeph
Widespread intellectual and moral docility may be convenient for leaders in the short term, but it is suicidal for nations in the long term. - Carl Sagan
Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
| Author |
RE: good read |
Night_Stalker
Member
Posts: 329
Location:
Joined: 01.02.07 Rank: Elite Warn Level: 10
|
|
Well, I was expecting things to be more advanced..
Much more advanced....
 |
|
| Author |
RE: good read |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07 Rank: God |
|
spyware wrote:
Night_Stalker wrote:
I didn't even notice all of the typos on that page until after reading Spyware's quote.. Well, I hope they are typos, because if they aren't, whoever wrote that article must be very. . .. .
uneducated...
Typos? Are you fucking kidding me?
I could care less about the typos, the informational value is BELOW OIL RESERVES.
It's sad.
Eh, it came from elitehackers.info what do you expect?? 
|
|
| Author |
RE: good read |
fuser
Member

Posts: 959
Location: in front of a computer (duh)
Joined: 05.04.07 Rank: HBH Guru |
|
true, it was pretty basic and actually is pretty obfuscating imo.







Telling modern Internet users to stop whining is like telling them to stop breathing - it seems unrealistic and inhumane. - Paul Lutus
|
|
| Author |
RE: good read |
Infam0us
Member

Posts: 153
Location: 0x080484c6
Joined: 06.09.07 Rank: HBH Guru |
|
|
Night_Stalker wrote:
I haven't found too many sites so far that can have this done to them..
Really? XSS is the most commonly found web vulnerability on the internet. I have found xss in quite a few sites...
Just look at the HoF for how many have been found here.
Remember there are more than just persistent xss
"Never memorize what you can look up in books." -Albert Einstein


[img]javasc ript:alert(document.cookie);[/img] |
|