video > XSS

MAIN PAGE

FORUM

ABOUT US

ANTICHAT.RU

VIDEO.ANTICHAT.RU

FORUM

FAQ

SEND VIDEO

INFORMER (ru)

КОНКУРС (ru)

VIDEO FILES NOT APPROVED

Video search
RSS

Сategory

	SQL INJECTION [61]
	XSS [45]
	PHP-INJECTION [32]
	OTHER [129]
	ANTIHACK [11]
	VIDEO-WINNER [6]

Most active authors

	Kez [20]
	Zfailure [17]
	Zadoxlik [8]
	B00zy_c0d3r [6]
	Diemad [6]
	0x0c0de [5]
	Shankar [5]
	Nitrex [5]
	Micro [5]
	Greenbear [5]
(other)

XSS

Cross Site Scripting vulnerabilities

Yandex XSS [17.08.2008. 12:56:56]

2.52 Mb

Yandex.ru mailbox hijacking with XSS.





	screenshot

Author: _Kris_

comment [1] downloaded [1084]

Active XSS in WordPress [29.04.2008. 17:49:44]

6.57 Mb

Active XSS in WordPress





	screenshot

Author: gibson

comment [2] downloaded [1777]

XSS on ondoklassniki.ru [29.03.2008. 11:35:59]

7.76 Mb

XSS on popular in Russia a social site - odnoklassniki.ru





	screenshot

Author: Isis

comment [4] downloaded [4223]

WebCodePortalSystem v.4.2.2 Creating admin with XSS [05.02.2008. 00:10:00]

3.77 Mb

For many XSS is just a way to steal a cookie, and nothing else, but this is not the case, in the post of:
https://forum.antichat.ru/showpost.php?p=584229&postcount=17 Grey described the automation of this process - that is, stolen cookies will be used by scripts (you will not have to climb yourself and change your cookies on stolen) to send necessary for the creation of a new administrator, data. To have a knowledge engine and the "simple" XSS could lead to quite serious implications in terms of security.
This video, I not only want to show I have described in the post of actions, but also show that XSS is still serious vulnerability.