Small XSS Paper : Dangerous HREF Attributes which don't have quotes - Yorumlar Ferruh Mavituna - Me, Myself and My Alter Ego... Ferruh Mavituna http://ferruh.mavituna.com Paz, 12 Şub 2012 19:35:54 +0200 Ferruh Mavituna http://ferruh.mavituna.com http://ferruh.mavituna.com/rss/rss.gif Ferruh Mavituna http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ Ferruh Mavituna Cum, 28 Kas 2008 13:53:39 +0200 <blockquote>&lt;a href=&quot;default.asp?session=&lt;%=Server.HTMLEncode(Request.Querystring(&quot;&quot;session&quot;&quot;))%&gt;&quot;&gt;Main Page&lt;/a&gt;</blockquote><br /><br />Yes this is safe. Ceng http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ Ceng Çar, 26 Kas 2008 21:22:59 +0200 &lt;a href=&quot;default.asp?session=&lt;%=Server.HTMLEncode(Request.Querystring(&quot;&quot;session&quot;&quot;))%&gt;&quot;&gt;Main Page&lt;/a&gt;<br /><br />this code is safely? binish http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ binish Cmt, 07 Ağu 2004 12:38:26 +0200 thanks for good skill.. Jayhoonova http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ Jayhoonova Per, 05 Ağu 2004 20:49:08 +0200 Su class i merak ettim biz de inceleyebilir miyiz? Shiva Shidapu http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ Shiva Shidapu Pzt, 26 Tem 2004 02:28:48 +0200 @Ferruh bey size cuma g&#252;n&#252; g&#246;nderdim yazdigim classi. Acaba inceleme firsatiniz oldu mu? Ferruh Mavituna http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ Ferruh Mavituna Cum, 23 Tem 2004 00:50:37 +0200 @Shiva Shidapu, Tabii hem sitede yayinlayabiliriz hemde sahsen kontrol asamasinda yardimci olmaya &#231;alisirim. Ek olarak zaten bu tip g&#252;venilk kodlarinin public olarak test edilmesi de &#231;ok daha iyi seydir. Birinin g&#246;z&#252;nden ka&#231;ani digeri yakalayabilir. Shiva Shidapu http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ Shiva Shidapu Per, 22 Tem 2004 11:26:18 +0200 Bencede bunun birde t&#252;rk&#231;esini yazsaydin.. Velasil bununla ilgili d&#252;n &#231;ok g&#252;zel bir class yazdim &#231;ok yakinda yayinlayacagim..<br /><br />@Ferruh bey sitenizde de yayinlarsaniz &#231;ok mutlu olarum.. Hatta isterseniz ilk &#246;nce size g&#246;nderip denemenisi isterim.. Emin olmak i&#231;in..<br /><br />Classin yaptigi SQL injection ve XSS a&#231;iklarini en aza indirgemek ve hatta tamamen yapmak.. Ben yaptigim &#231;alismalarda hersey m&#252;khemmel ama siz bu konularda benden daha bilgilisiniz..<br /><br />Eger denemeyi kabul ederseniz &#231;ok sevinirim..<br /><br />Bu arada istege bagli olarak yapilan saldirilari g&#252;nl&#252;k olarak logluyor. Zaman,ip ve saldiri sekli olarak..<br /><br />Saygilar kuen http://ferruh.mavituna.com/small-xss-paper-dangerous-href-attributes-which-don-t-have-quotes-oku/ kuen Per, 22 Tem 2004 04:01:34 +0200 t&#252;rk&#231;esinide yazsaydin s&#252;per olurdu<img src="/mg/smilies/smile.gif" width="21" height="22" alt=":)" />