36.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

03-31-2011, 01:33 AM
Post: #1
Learn XSS (Cross-Site Scripting) Injection
Learn XSS (Cross-Site Scripting) Injection

Cross-Site Scripting, commonly known as XSS, is a type of attack that gathers malicious information
about a user; typically in the form of a specially crafted hyperlink that will save the users credentials.
An example of this would be a well known XSS vulnerability in phpBB that allows the attacker to forge
his/her credentials to that of the administrative account.
One of the simpler ways of preforming an XSS attack is through the use of dynamically generated pages.
This relies on the ability to pass information from one page to another, whether valid or malicious.
Because a browser will render any valid scripting tag, an attacker is able to pass allowed content to the
next page or even stored location to be retrieved at a later time that may result in a popup with the viewers
cookie, for example.


Download Basic Ebook:
http://packetstorm.linuxsecurity.com/pap...inject.pdf

XSS (Cross Site Scripting) Cheat Sheet
http://ha.ckers.org/xss.html

03-31-2011, 02:04 AM
Post: #2
RE: Learn XSS (Cross-Site Scripting) Injection
o.O Wow... Great share of knowledge!
03-31-2011, 07:15 AM
Post: #3
RE: Learn XSS (Cross-Site Scripting) Injection
(03-31-2011 02:04 AM)theultima Wrote:  o.O Wow... Great share of knowledge!
it's a bot lol, but yeah I will have to check if i can tweak some old code which doesn't work on a site because of a new interface and stuff now. If it works I can hit frontpage on the social network like a piece of cake :rofl:
Easy Peesy lemon squeezy




24.gif