1. H

    XSS tutorial for Newbee's

    XSS can be used in 2 conditions. Sometimes there are forums that have particular fields that allow HTML posts.. Or a vulnerability in the search field. A vulnerable search field that allows html searches and uses $_GET function instead of $_POST Okay so.. lets talk about the Search field first...
  2. H

    Xss 101

    Title:XSS 101 Author:KNS I. What is XSS? Cross-site scripting (XSS), it should have been CSS but that name is already taken by Cascade-Style Sheets so it became XSS, is a type of computer security vulnerability typically found in web applications that enables attackers to inject client-side...
  3. H

    Bypassing SQLiRFILFI and XSS filters

    kay, so most of you who have hacked a bit sure have noticed that sometimes you get 406 not acceptable... That means they got a filter that looks for hack attepts, this can be done in a php script, packet sniffer, apache, everywhere... Anyway, the trick to bypass these is upercase-lovercase...
  4. D

    Creating an XSS Worm

    Creating an XSS Worm XSS worms are pretty neat, interactive worms that propagate by using a client's browser to progressively infect other profiles in some way. I wrote my own worm a while back, and I wanted to talk about how it worked, how it was affective, and what challenges I faced. The...
  5. D

    Good luck now you hacked a site with XSS

    Complete XSS Tutorial XSS is in 2 ways, Persistent and Non-Persistent type. For XSS we will use something called a cookie catcher. Question will be that why we would need someone else's cookie? The answer is that we can change our browser's cookies to login as them!!! So lets call it Session...
  6. D

    Stealing Cookie With XSS

    Little tut to our affi partners Smiley I guess you already know a bit of the theory behind XSS, so we'll get right to the code. Let's say a web page has a search function that uses this code: Code: Quote: <tr><td>Name</td><td><input type="text" name="advisor_name"...