kinda advanced i see.. :s
Forum: Projects

you the man! ;) gonna check it right now!thanks
Forum: Projects

hello people.. i ve been looking around this community, and i can see so many different ways of exploiting web applications.. but what about making a secure one..? my self i am quite a beginner in php and i ve been looking around the web for a nice user authentication tutorial, i found many, but no one is taking into consideration xss or sql injections.. so i dont know if its too much too ask,
Forum: Projects

yeah i mean why not load the logging site inside the iframe instead of google.
Forum: XSS Info

hi. i dont get the reason why you have as src in your iframe "www.google.com" and not the logging site instead..
Forum: XSS Info

sorry to get offtopic.. im new here.. but the difficult part of XSS isn't also to inject the script tag?? i mean all these vectors are amazing, but whats the use case? (attaching them only to onLoad events, javascript:, etc??)
Forum: XSS Info

Guys, beware.. i just registered to your forums :p
Forum: Intro

Osirus-tiLung Wrote: ------------------------------------------------------- > yea, but I have usernames-- trying to get > passwords-- how would you do it? I guess what you are trying to do, is login as another user so why trying to get the passwords.. i would try to login as another user, trying to skip the password check.. My injection point would always be the username field.. So ei
Forum: SQL and Code Injection

newbie here, but shouldn't you try to inject the username field, rather than the password field that propably gets encoded?
Forum: SQL and Code Injection

great! can you tell me how :p
Forum: Privacy