A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

Tips and Tricks about Gmail

While Web-based email is nothing new, Gmail introduces some new and unique concepts. Managing email has become very easy while at the same time having powerful tools to find and

Read More

Study on the undetectable Server Bifrost 1.2d for the AV

1. Objective Trying to make the Bifrost Server 1.2d which is the latest version of a remote control KSV undetectable to Antivirus Software Required —– description ———————————————————————— Download Bifrost 1.2dR.AT

Read More

Visit to Myanmar —-~_~—

ShweDagon Pagoda @ Yangon, Myanmar INTO’s Education Seminar @ Trader Hotel Myanmar ICT Exhibition 2010 @ Tatmataw Hall, Yangon btw, Now I’m @ NEW WAVE Cyber Cafe, No. 12/A D1,

Read More