News
Flaws
Origin flaws within IE with clickjacking
Jum`at, 1 Juli 2011
Rosario Valotta has published an interesting attack against IE that takes advantage of clickjacking. In a nutshell it combines origin flaws within IE with clickjacking to trick a user into copying/pasting their own cookies from any site! Demonstration below The technical details can be found at : https://sites.google.com/site/tentacoloviola/cookiejacking and his slides at : https://docs.google.com/viewer?a=v&pid=sites&srcid=ZGVmYXVsdGRv...
Rosario Valotta has published an interesting attack against IE that takes advantage of clickjacking. In a nutshell it combines origin flaws within IE with clickjacking to trick a user into copying/pasting their own cookies from any site! Demonstration below The technical details can be found at : https://sites.google.com/site/tentacoloviola/cookiejacking and his slides at : https://docs.google.com/viewer?a=v&pid=sites&srcid=ZGVmYXVsdGRv...
Automatic Detection and Exploitation of SQL Injection Flaws
Selasa, 3 Mei 2011
Safe3 SQL Injector is one of the most powerful penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. Features : * Full support for GET/Post/Cookie Injection * Full support for HTTP Basic, Digest, NTLM and Certificate authentications * Full support for MySQL, Oracle, PostgreSQL, MSSQL, ACESS, DB2, Sybase & Sqlite * Full support for Error/Union/Blind/Force SQL injection * Sup...
Safe3 SQL Injector is one of the most powerful penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. Features : * Full support for GET/Post/Cookie Injection * Full support for HTTP Basic, Digest, NTLM and Certificate authentications * Full support for MySQL, Oracle, PostgreSQL, MSSQL, ACESS, DB2, Sybase & Sqlite * Full support for Error/Union/Blind/Force SQL injection * Sup...
Message Me On Whatsapp