Paid Advertising is
ha.ckers sla.cking
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Javascript SOP bypassing
Date: September 05, 2010 08:13AM


I'd like to work on new possibilities to bypass the same origin policy of Javascript. There has been a bug in safari before and it seemed to be pretty simple doing it this way. I'm sure there are working possibilities to break out of the SOP.

My vendors:

Mozilla Firefox
Microsoft IE 8
Google Chrome

Safari doesn't make much sense for me because I'm not a Mac user.

If anyone like to work on this together with me, feel free to say hello. If I got any vulnerabilities, I gonna post them.


Jean Pascal Pereira

Options: ReplyQuote
Re: Javascript SOP bypassing
Posted by: Skyphire
Date: September 19, 2010 04:30PM

Feel free to post them, I'm not aware of any.

Options: ReplyQuote

Sorry, only registered users may post in this forum.