Hello Michele, I will take a look, because honestly, I dont see anything good about NON persistent xss, so i will have a look and see, thanks :) cheers xd
On 10 October 2011 17:24, Michele Orru <antisnatc...@gmail.com> wrote: > If you all think XSS, even reflected or DOM-based sucks..probably you don't > know the BeEF project. > I would suggest you to take a look at http://beefproject.com , try it, and > see yourself what you can do :-) > Cheers > antisnatchor > On 10 Oct 2011 02:56, "xD 0x41" <sec...@gmail.com> wrote: > >> YEP! >> When ya do it right, dang right it is! >> >> I did never reproduce the EXACT ethod wich made the x41's happen... but, i >> dun really care for that bug, or you call it a feature..well, i dont know >> feratures wich have x41's al;l over the emails when made in a special way... >> so, it was low-level to :) >> anyhow, no, i wont bother to recreate the email body, without using any >> 'features' of googles, for you. >> It is possible to exploit rich text editor, i have said.. the dll itself.. >> so maybe go investigate and stfu :) >> now back to the backdoor. >> >> >> >> >> On 10 October 2011 11:23, adam <a...@papsy.net> wrote: >> >>> Yeah guys, XSS is nonsense. Exploiting anchor text is where it's at, >>> right secn3t? >>> >>> http://seclists.org/fulldisclosure/2011/Jun/215 >>> >>> On Sun, Oct 9, 2011 at 7:10 PM, xD 0x41 <sec...@gmail.com> wrote: >>> >>>> No, i have been through these, and only an idiot would fall for any of >>>> these attacks... Persistent XSS maybe harder, but, forget the rest :) >>>> Im to old for that. >>>> Never been a victim yet, in *any* way, and, certainly, those bugs wont >>>> be starting a trend.. >>>> cheer. >>>> xd >>>> >>>> >>>> >>>> On 10 October 2011 10:27, <valdis.kletni...@vt.edu> wrote: >>>> >>>>> On Mon, 10 Oct 2011 09:36:17 +1100, xD 0x41 said: >>>>> >>>>> > No,... and am happy not to know :-) , like XSS , i do not waste time >>>>> with >>>>> > ninoritiy bugs such as 'clickjacking' and these new such terms wich >>>>> are >>>>> > total BS. >>>>> >>>>> It's all total BS till you discover you're a victim of the attack. >>>>> >>>> >>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ >>>> >>> >>> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/