Menüyü Gizle

XSS Tunnelling Paper and XSS Tunnel Tool

Etiketler english, xss, xss tunnelling, web 2.0, fm, application, paper, applications, 26.07.2007

Finally I released XSS Tunnelling paper and the tool about two weeks ago. It was supposed to be released in Italy OWASP 2007 but I couldn't attend because of a stupid visa problem. Thus I released and presented in Web Security Days - OWASP Turkey event.

I was playing with this idea for six months or something, finally I got  my hands dirty and code it and wrote the brief paper.

XSS Tunnelling Paper

XSS Tunnel and XSS Shell (source codes and binaries)

XSS Tunnelling Video

 

I've got really good reviews so far, please feel free to send your comments. In my humble opinion this is the final point of "session hijacking".

Yorum Ekle Yorumunu Ekle - Yazıcı Versiyonu Yazıcı Versiyonu - Yorumlar için RSS Yorumlar için RSS

ramazan - 12.02.2009

thank you very much

Cemil Durgan - 31.07.2007

of course, i installed net framework 3.0 and now it is running.http://www.microsoft.com/downloads/details.aspx?FamilyID=10cc340b-f857-4a14-83f5-25634c3bf043&DisplayLang=en

thanks

Ferruh Mavituna - 28.07.2007

I got an error when trying run XSSTunnel.exe.

Do you .NET Framework 2, that should be the reason.

Cemil Durgan - 27.07.2007

I got an error when trying run XSSTunnel.exe.

"Uygulama düzgün olarak baslayamadi (0xc0000135). Sonlandirmak için TAMAM dügmesini tiklatin."

Sorry, i can't understand why i got that error...

Cemil Durgan - 27.07.2007

Thank you. I got it, i will learn what is XSS Tunnelling.

Yorum Yazın


Tüm yorumlar onaydan geçmektedir, bu işlem en uzun 30 dk. sürecektir. E-mail adresleri yeni yorumları bildirme harici hiç bir başka amaçla kullanılmamaktadır ve sitede gözükmemektedir.



Captcha Kodu