sla.ckers.org web application security forum

sla.ckers.org is
ha.ckers sla.cking

Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc....

Go to: Forum List•New Topic•Search•Log In

Pages: Previous 1 2 345 ...Last Next

Current Page: 4 of 6

Subject	Views	Posts	Started By	Last Post
Getting the user to click the button (and do other things)	1,410	4	Ambush Commander	02/11/2008 03:51PM Last Post by Anonymous User
using cookie session	1,489	3	jackson_hacker	02/07/2008 10:22AM Last Post by J4zen
Using regex to block XSS	2,039	6	T06	02/01/2008 06:52AM Last Post by Anonymous User
Secure sessions, easy logins?	2,177	10	iNs4n3	01/30/2008 01:02PM Last Post by EWSec
application security	1,428	14	ceezax	01/30/2008 09:27AM Last Post by CrYpTiC_MauleR
img tag question	1,655	3	kcanis	01/18/2008 10:13AM Last Post by Anonymous User
CSRF4BlackHat - So it begins...	1,938	3	klaus	01/14/2008 06:06PM Last Post by kcanis
CSRF defend demos Pages: 1 2	4,111	32	Gareth Heyes	01/04/2008 11:34AM Last Post by kirke
CSRF & SSO	1,661	2	flatron	12/13/2007 08:32AM Last Post by rsnake
Chrome URIs and CSRF, anybody playing?	2,239	15	tehryan	12/12/2007 04:53AM Last Post by Anonymous User
question	2,355	20	lobas	12/10/2007 11:44AM Last Post by Anonymous User
automated detection of csrf	3,038	12	ntp	12/10/2007 10:59AM Last Post by .mario
shopping cart using JS	2,013	5	cttnmth	12/10/2007 09:20AM Last Post by rsnake
XSS and CSRF with Flash	2,371	4	lake2	12/09/2007 09:46PM Last Post by Zoiz
getting username and pssword saved in the browser	2,713	11	n0	12/01/2007 04:16PM Last Post by birdie
Lots of CSRF News	1,960	1	ntp	11/23/2007 09:33PM Last Post by ntp
how to secure cross-domain single-sign on (sso)	2,640	8	shyguy	11/18/2007 01:12AM Last Post by erez
wpnonce bypass	2,180	2	lobas	11/03/2007 01:00PM Last Post by tehryan
Way to steal sessions across two browsers	2,596	11	cttnmth	10/30/2007 06:27PM Last Post by digi7al64
JSCK - Javascript CSRF Protection Kit	1,831	4	Gareth Heyes	10/24/2007 03:15AM Last Post by Gareth Heyes
AJAX 'gziped' response error	1,647	5	Xinstict	10/22/2007 04:57AM Last Post by Anonymous User
XST is still possible as of today?	1,887	5	acemutha	10/08/2007 06:17PM Last Post by kuza55
sending the entire HTML results to a third party site	1,576	3	jamuse	10/02/2007 06:41PM Last Post by Gareth Heyes
PHP, default Mime type, CSRF, oh my!	3,135	14	codec	09/28/2007 01:55PM Last Post by n0
CSRF Post without javascript	2,139	4	Gareth Heyes	09/06/2007 06:27AM Last Post by Gareth Heyes
CSRF question	2,091	6	Anonymous User	08/21/2007 03:57PM Last Post by /nul
csrf in many torrent trackers	1,824	3	brave_new_world	08/21/2007 04:29AM Last Post by hackathology
Self-made HTML form works, XMLHttpRequest doesn't	2,528	11	christ1an	07/31/2007 09:40AM Last Post by faz3d
FlashXMLHttpRequest	1,877	2	acidburn	07/19/2007 02:36AM Last Post by thrill
XSRF and Javascript RPCs - feedback please	1,825	1	wck	07/18/2007 06:10PM Last Post by wck

Pages: Previous 1 2 345 ...Last Next

Current Page: 4 of 6

Options: