Search This Blog

seckb*

Weakness, Attack, Exploitation Patterns, and things learnt by YGN Ethical Hacker Group

[Hone Your Ninja Skill] Blacklist filter bypass on < > and =

Get link
Facebook
Twitter
Pinterest
Email
Other Apps

By YGN Ethical Hacker Group - May 17, 2018

http://honeyourskills.ninja/target/web/xss/

honeyourskills

Get link
Facebook
Twitter
Pinterest
Email
Other Apps

Comments

XSS: Gaining access to HttpOnly Cookie in 2012

By YGN Ethical Hacker Group - June 23, 2012

Update 2016/02: We were asked by a lot if this still works. Shortly after our disclosure, this issue has been patched. ------ The Background - The Past Gaining access to HttpOnly cookie was first attempted by means of XST, Cross Site Tracing vulnerability. Soon after the popularity of XST, the TRACE method has been disabled by most web servers. Later, browsers' implementation of XMLHttpRequest also blocked "TRACE" method (i.e. xmlhttp.open('TRACE', url, true) ]. Later, a flawed implementation in Firefox's XMLHttpRequest which can be used to access set-cookie response header was fixed. JS Debugger pointing out "TRACE" method as invalid arugment JS Debugger pointing out "TRACE" method as illegal value A Sla.ckers.org forum member, LeverOne, posted ways to access HttpOnly cookie through the use of Java API and applet. I reproduced his techniques. When the first method was tried, the Java Runtime did no

Jumping out of Touch Screen Kiosks

By YGN Ethical Hacker Group - September 09, 2012

Background: Nowadays, the use of large touch screen kiosks has been prevalent. They are to replace tradition paper-based brochures and to provide more interactive means to consumers. In restaurants, you can see a variety of food menu that can be accessible in large touch screen LCD monitor. In your local Telcos, you can see a variety of mobile and Internet subscriptions plans. Behind these touch screen menus are running standalone or browser-mode Adobe Flash applications which are second-to-none for interactivity and scalablity and ease of update. Data could be pulled from somewhere round their centralized web severs. Weakness: Jumping out We cannot use iKat at first as we do not have access to any keyboard facility. However, the trick is no-brainer. Do long press on any locations and relieve. You should see the usual Flash context menu like: Touch "Global Settings". A web browser window will pop up and redirect to the Adobe URL, http://www.macromedia.c

[Hone Your Ninja Skill] Blacklist filter bypass : No HTML tags allowed

By YGN Ethical Hacker Group - June 06, 2018

Mission: Achieve arbitrary script execution when submitting the form. http://honeyourskills.ninja/target/xss/challenges/no-html-tags-allowed.php

Contributor

_

HTTPS redirector

Labels

*nix
anti-csrf-bypass
anti-virus
banking-security
book-reviews
browser-protection
case-studies
certifications
clickjacking
cookie

cross-domain
CTF
data-leakage
exploits
false-negatives
fraud-check
giac
honeyourskills
httponly
ikat
java
kiosk
layer-8-bad-habits
layer8
malware-spread
mobile-security
mobile-security banking mobile-virus
out-of-box myth
password
password-control
prison-break
redos
remote-management
restriction-bypass
risky-features
sans-institute
secure_coding
security
session
session cookie
session id
tampering
third-party components
threats
tools
view-state
waf
web-app-security
web-hacking
xss
xss-bypass

Show more Show less