A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

What are the countermeasures against sniffer attacks?

It is quite difficult to overcome sniffer attacks. However, the following steps can be taken as countermeasures against such attacks: * Use encrypted protocols for all communication. * Segment the

Read More

Joomla Hack

######################################################################################### Joomla 1.5.x Remote Admin Password Change ########################################################################################## ## Author: d3m0n ([email protected]) ## Greets: GregStar, gorion, d3d!k ## ## Polish “hackers” used this bug to deface turkish sites BUAHAHHA nice

Read More

Wall off the World—Install a Better Firewall in an Afternoon

More advanced firewalls can be time-consuming to install, but they are not difficult to use. Take the time to fortify your defenses. It is really worthwhile.Install a Two-way Software Firewall

Read More