Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 

Current Page: 1 of 1
Results 1 - 1 of 1
5 years ago
adamN
Does anybody have a link to either a theoretical discussion or general issues surrounding the fact that an iframe busting technique like this works (from within an iframe): if (window.top !== window.self) { setTimeout(function(){document.body.innerHTML='';},1);window.self.onload=function(evt){document.body.innerHTML='';};} But this does not: var1 = window.top.href; document.write(var
Forum: CSRF and Session Info
Current Page: 1 of 1