HTTP Proxy for XSS Channels
Günlük Okunma : 9 | 22.03.2007
Last week I was reading the brief of Black Hat Europe 2007 Kicking Down the Cross Domain Door (One XSS at a Time) speak. It seems a nice one and there is a very good idea in it, using a proxy for a XSS Proxy like XSS Shell or Beef. Since I’m not quite sure that’s the intention of speakers but for sure they are going to present a very similar concept. Let’s consider this attack scenario, There is a XSS in a website, you exploited XSS vulnerability and gain the admin’s session, but admin folder is protected by IP restrictions or NTLM etc. Of course you able to got it through XSS Shell but the......
Last week I was reading the brief of Black Hat Europe 2007 Kicking Down the Cross Domain Door (One XSS at a Time) speak. It seems a nice one and there is a very good idea in it, using a proxy for a XSS Proxy like XSS Shell or Beef. Since I’m not quite sure that’s the intention of speakers but for sure they are going to present a very similar concept. Let’s consider this attack scenario, There is a XSS in a website, you exploited XSS vulnerability and gain the admin’s session, but admin folder is protected by IP restrictions or NTLM etc. Of course you able to got it through XSS Shell but the......
Arşiv
Yeni yazıları RSS ile takip edebilir ya da e-mail adresinize gelmesini sağlayabilirsiniz.
En Çok Okunan 10 Yazı | Toplam En Çok Okunan 10 Yazı | Tüm yazılar ve Makaleler