Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

good read

  1. Home
  2. Forum
  3. Hacking in general
  4. good read

korg's Avatar

korg

Admin from hell
0 0

BBBBBoring……………Basic old bullshit.


ghost's Avatar

ghost

0 0

That wasn't really a good read at all. It showed painfully simple XSS, and I don't even recall it explaining how to use XSS to do any real exploiting, not even password stealing…. Hip hip hooray for the painfully useless applications of XSS :|


ghost's Avatar

ghost

0 0

I was talking about it covered the concept very well. And using it in a different way than just getting cookies.


ghost's Avatar

ghost

0 0

austinator wrote: I was talking about it covered the concept very well. And using it in a different way than just getting cookies.

http://keepitlocked.net/archive/2008/06/17/quot-the-spy-who-hacked-me-quot-teched-2008-demo.aspx

I know I've posted this here before, but it looks like you might find it interesting. It shows real, mostly uncovered attack vectors of XSS. Doesn't cover the coding behind it, it simply shows the attack being performed. A lot better than redirecting to a download. Woopdeedoo :|


ghost's Avatar

ghost

0 0

Oh yea I've seen this before Veeeeeeeeeeeeeeeery interesting thanks for the link again. :)


Night_Stalker's Avatar

Night_Stalker

Member
0 0

I haven't found too many site so far that can have this done to..


spyware's Avatar

spyware

Banned
0 0

I want my seven seconds back.

Dangers of XSS…

these day's browser keep some of the dangers of XSS outside.. Like.. if an script want to write/edit edit files on the computer it needs extra permission from the user… or by some browsers it just get blocked…

I mean, seriously?


ghost's Avatar

ghost

0 0

Don't forget the time it took to selectively quote and post…


Night_Stalker's Avatar

Night_Stalker

Member
0 0

I didn't even notice all of the typos on that page until after reading Spyware's quote.. Well, I hope they are typos, because if they aren't, whoever wrote that article must be very…. . uneducated…


spyware's Avatar

spyware

Banned
0 0

Night_Stalker wrote: I didn't even notice all of the typos on that page until after reading Spyware's quote.. Well, I hope they are typos, because if they aren't, whoever wrote that article must be very…. . uneducated…

Typo's? Are you fucking kidding me?

I could care less about the typo's, the informational value is BELOW OIL RESERVES.

It's sad.


Night_Stalker's Avatar

Night_Stalker

Member
0 0

Well, I was expecting things to be more advanced.. Much more advanced…. :(


ghost's Avatar

ghost

0 0

spyware wrote: [quote]Night_Stalker wrote: I didn't even notice all of the typos on that page until after reading Spyware's quote.. Well, I hope they are typos, because if they aren't, whoever wrote that article must be very…. . uneducated…

Typo's? Are you fucking kidding me?

I could care less about the typo's, the informational value is BELOW OIL RESERVES.

It's sad.[/quote]

Eh, it came from elitehackers.info what do you expect?? :xx:


fuser's Avatar

fuser

Member
0 -1

true, it was pretty basic and actually is pretty obfuscating imo.


Infam0us's Avatar

Infam0us

Member
0 0

Night_Stalker wrote: I haven't found too many site so far that can have this done to..

Really? XSS is the most commonly found web vulnerability on the internet. I have found xss in quite a few sites…

Just look at the HoF for how many have been found here.

Remember there are more than just persistent xss ;)