Followers 0

The Extended HTML Form attack

By hari, June 19, 2008 in Exploituri

Recommended Posts

hari

Posted June 19, 2008

- Report

Posted June 19, 2008

Un prieten de-al meu a publicat zilele astea un paper interesant intitulat "The Extended HTML Form attack". Il gasiti aici http://resources.enablesecurity.com/resources/the%20extended%20html%20form%20attack%20revisited.pdf

Idea de baza este sa faci XSS (cross site scripting) folosind alte protocoale decat HTTP. De exemplu IMAP, daca nu intelege o comanda face echo la gresela si este perfect pt. XSS.

Este destul de interesant paper-ul si are si un exemplu de XSS pentru Yahoo.

Nu stiu cat o sa mai functioneze, functiona cand am testat eu.

Quote

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

× Pasted as rich text. Paste as plain text instead

Only 75 emoji are allowed.

× Your link has been automatically embedded. Display as a link instead

× Your previous content has been restored. Clear editor

× You cannot paste images directly. Upload or insert images from URL.

Insert image from URL

Followers 0

Go to topic listing

Sign In

The Extended HTML Form attack

Recommended Posts

hari

Join the conversation

Browse

Activity

Pages