A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

The internet crash of July 17th 1997

This July 17th marks the eleventh anniversary of the famous internet crash. How did the internet crash; the network which was designed to withstand all sorts of catastrophe; even the

Read More

EU Police learning hacking tricks. They are about to “Remote search” your PCs.

Law enforcement at European Union is working on ethical hacking proposal that will allow them to remotely access and monitor any PC without warrant. This is adopted after a decision

Read More

Getting e-mail password

Step 1: Login to http://www.facebook.com with your account. Step 2: Find the “friend” who you would like to hack. Step 3: Go to their profile and click the “info” tab.

Read More