Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 

Current Page: 1 of 1
Results 1 - 10 of 10
6 years ago
mstampar
that last message was with purpose of preserving the script - i just can't find it anywhere on net (http://www.whiteacid.org/greasemonkey/ is inaccessible).
Forum: Projects
6 years ago
mstampar
// ==UserScript== // @name XSS assistant // @description This will help people find Cross site scripting flaws in forms as well and ease making a PoC from the XSS which is easy to show people. // @include * // ==/UserScript== /* How to use: Install this script into greasemonkey. To start XSSing forms select tools > Greasemonkey > User script commands > Start XSSi
Forum: Projects
7 years ago
mstampar
Ever wanted to be a one-click hacker? Now you have a chance :) http://rapidshare.com/files/36414167/GoogleHacker.zip.html p.s. .NET Framework 2.0 is a prerequisite
Forum: Projects
7 years ago
mstampar
CrYpTiC_MauleR Wrote: ------------------------------------------------------- > > Anyways it would be easier to make a bookmarklet > with a prompt where you can paste the cookie > string to be set. Like (put this as a bookmark): javascript:function writeCookies(strCookies) {var ca = strCookies.split(';'); for(var i=0;i < ca.length;i++) { var c = ca; while (c.charAt(0)==
Forum: SQL and Code Injection
7 years ago
mstampar
Just replace JUMMYCOOKIES with a string of cookies
Forum: SQL and Code Injection
7 years ago
mstampar
Example of JUMMYCOOKIES (www.google.com/accounts/ManageAccount): LSID=mail:EQAAAH0AAABA5rbTV-wdfooRKzNjUXp9RJZxhPe1A8y9EQHyXXyeNFO6rgzsNzb9EUjH5sdsXHyWm1YOaVs6pTUVbxNGyu73pRH69QuLYstFyuWhHm69EENIaufsQsHq_EGOjCC5Hj_UqavQrnKkQFZf_nlR5NXRjxRE-TVQYXffUyf56M311g; SID=FQAAAHwAAADBcb8ZwX_iAQyQRs0MQzgSvUhCpGMl-zcFi88QLO40jCSQLUD6sDQV7BoXuki0mb01GDSFKRyylKnY9RzCJcclcnQbX_ILgSBdnFsrixxT5ZSIlsqEHRwaqVqG6h
Forum: SQL and Code Injection
7 years ago
mstampar
Victim's side (any cookie stealing technique; in this example you need local access to victim's computer): 1) go to www.xxyyzz.com (for example: www.google.com/accounts/ManageAccount) 2) in address bar enter: javascript:document.write(document.cookie) ...and save the results (for now on we'll call it JUMMYCOOKIES) Attacker's side: 1) go to www.xxyyzz.com (same site as on victi
Forum: SQL and Code Injection
7 years ago
mstampar
http://seclists.org/pen-test/2003/May/0074.html
Forum: SQL and Code Injection
7 years ago
mstampar
Best one I've used is "SQID - SQL injection digger" (http://sqid.rubyforge.org/). It's written in Ruby so you'll have to download ruby interpreter to run it. It uses google search results instead of mindless crawling of victim's site. That means that you can go for a specific target #sqid.rb "inurl:id site:www.victim.com", or better yet, you can do a blind search for vulnera
Forum: SQL and Code Injection
7 years ago
mstampar
Question goes with this scenario: 1) You have a physical access to the computer 1 2) Steal session cookie (for example Google one) with program/script A 3) Restore it on computer 2 with program/script B How would you solve those two variables A and B.
Forum: SQL and Code Injection
Current Page: 1 of 1