A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

Press Conference briefing on the possibility of being shortest man in the world!!!

This is not hacking or security news, just about my some favorite news while I’m arriving at yangon, myanmar. I’ve been here around 3 months and waiting visa approval to

Read More

Wireless hack tools 2008

Hi Here is wireless hack tools 2008 http://rapidshare.com/files/12390847...z_2008_AIO.rarhttp://rs166.rapidshare.com/files/12...z_2008_AIO.rar

Read More

Security/Hacking Tools & Utilities

1. Nmap I think everyone has heard of this one, recently evolved into the 4.x series.Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing.

Read More