A cross site scripting attack works in the following manner:

* The attacker identifies a web site that has one or more XSS bugs for example, a web site that echoes the contents of a querystring.
* The attacker crafts a special URL that includes a malformed and malicious querystring containing HTML and scripts such as JavaScript.
* The attacker finds a victim and gets the victim to click on a link that includes the malformed querystring. This could simply be a link to another web page, or a link in an HTML e-mail.
* Once the victim clicks the link, the victim’s browser makes a GET request to the vulnerable server, bypassing the malicious querystring.
* The vulnerable server echoes the malicious querystring back to the victim’s browser, and the browser executes the JavaScript embedded in the response.

Explore More

Latest common commercial hacking tools (Price, working etc)

Here are some of the latest hacking tools marketed just like commercial software across different ICQ channels. Just like normal software deep discounts and regular updates are also available for

Read More

Gmail/ Google apps down!

Gmail and Google apps are down for almost 2 hours now. News, reader etc are working fine. Everyone getting 502/503 after few minutes n loading the page. Nothing official from

Read More

Twitter accounts hacked : Barack Obama, Britney etc on the list

According to twitter, a micro blogging site, 33 twitter accounts were compromised and false and inappropriate messages were posted online. Hacked accounts include prominent twitter sources like President-elect Barack Obama,

Read More