xss   6487

« earlier    

Metadata-Attacker
A Tool To Generate Media Files With Malicious Metadata
xss  Meta_Data  attack 
yesterday by aiefel
XSS Hunter
If this is how you hunt for Cross-Site Scripting (XSS)... ...
Archive  important  learning  online  pdf  pocket  tools  xss 
3 days ago by raj77_in
Bypassing Content Security Policy with a JS/GIF Polyglot (old 2015)
This post explains the creation of a JS/GIF polyglot to bypass Content Security Policy (CSP) in certain scenarios. We will build a custom polyglot file that is a valid GIF as well as JavaScript and use Xenotix to simulate real world exploitation.

Your PoC JS code can be just "alert(0)" or for Red Team Pentesting I would suggest you to use OWASP Xenotix XSS Exploit Framework (as I wrote it) or Beef (an alternative). In this post i will be using Xenotix.

Download Latest Xenotix from http://xenotix.in
polyglot  javascript  gif  xss 
12 days ago by bwiese
Chrome browser: Security implications of "--allow-file-access-from-files" - Stack Overflow
Ok, so you're saying that, by default, an HTML document opened in the browser, originating from the local file-system, cannot subsequently refer to another local file. Permitting this means potentially a maliciously crafted HTML + JS page dropped somewhere in your filesystem, when opened in a local browser, could submit the contents of a sensitive local file to an external entity. – Geeb Apr 2 '15 at 13:02

Yes, that sums it up nicely. – SilverlightFox Apr 2 '15 at 13:04
security  browser  xss 
18 days ago by ndf
British Airways: suspect code that hacked fliers 'found' • BBC News
<p>A RiskIQ researcher analysed code from BA's website and app around the time when the breach began, in late August.

He claimed to have discovered evidence of a "skimming" script designed to steal financial data from online payment forms.
BA said it was unable to comment.

A very similar attack, by a group dubbed Magecart, affected the Ticketmaster website recently, which RiskIQ said it also analysed in depth.

The company said the code found on the BA site was very similar, but appeared to have been modified to suit the way the airline's site had been designed.

"This particular skimmer is very much attuned to how British Airway's payment page is set up, which tells us that the attackers carefully considered how to target this site instead of blindly injecting the regular Magecart skimmer," the researcher <a href="https://www.riskiq.com/blog/labs/magecart-british-airways-breach/">wrote in a report on the findings</a>.

"The infrastructure used in this attack was set up with British Airways in mind and purposely targeted scripts that would blend in with normal payment processing to avoid detection."
Hacks like this make use of an increasingly common phenomenon, in which large websites embed multiple pieces of code from other sources or third-party suppliers.</p>

The RiskIQ report (linked above) is well worth reading, and quite scary: this is a professional group dubbed "Magecart" that has been operating for the past three years and pulling off increasingly subtle hacks. This one injected Javascript code into BA's system. RiskIQ says it sees similar attacks every day; just not as big.
britishairways  hacking  xss 
4 weeks ago by charlesarthur
Who Left Open The Cookie Jar?
Complexity of the attack surface makes for exploitable bugs.
Good reading of what kinds of things can happen.
browser  security  tracking  cookies  xss 
8 weeks ago by drmeme

« earlier    

related tags

:velo:toimplement  algorithm  analysis  and  android  angularjs  appsec  archive  article  asp.net  attack  attacks  authentication  authorisation  blackhat  blind  blog  book  britishairways  browser  browsers  cache  cheatsheet  checklist  codereview  content.security.policy  contentsecuritypolicy  cookies  cors  crawl  cross-site-scripting  crosssitescripting  csp  csr  csrf  css  ctf  cybersecurity  demo  developer  devops  dom  dompurify  drop  encoding  escaping  esi  exploit  filter  firefox  forgery  fullstack  fuzzing  genetic  german  getting  gif  github  greater  guide  hack  hacking  hacks  header  heise  how-to  html  html5  http  https  humor  iframe  important  infosec  injection  input  ios  java  javascript  jsp  jun18  learning  less  lfi  library  log  logging  meta_data  mozilla  mvc  nebrcode  netsec  online  or  owasp  parser  pdf  pentest  pentesting  php  poc  pocket  poisoning  polyglot  programming  python  rce  react  reference  request  sanitizer  santization  scan  script  sec  security  semple  serialization  sql-injection  sql  sql_injection  ssrf  string  strings  svg  template  testing  than  tip  tolearn  toolkit  tools  toread  totry  tounderstand  tracking  tutorial  utilities  validator  vulnerabilites  vulnerability-scanner  vulnerability  web-security  web  webapp  webdev  webdevelopment  websec  websecurity  whitehat  without  xml  xsdb  xsrf  xsstrike 

Copy this bookmark:



description:


tags: