Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 

Current Page: 1 of 1
Results 1 - 1 of 1
6 years ago
Lord0xF
Not sure if this one has already been found. I just purchased a NetGear router and the way it configures over HTTP caught my attention: POST. Once authenticated in a session, embedding the following in an IMG tag or HTTP redirect will change the router's SSID To "MyRouterGotCSRFd": http://routerlogin.com/wireless.cgi?ssid=MyRouterGotCSRFd&Apply=Apply You can also enable Remote
Forum: CSRF and Session Info
Current Page: 1 of 1