Friday, October 5, 2007

Another hole????

Hey "big organization", need no explaination. You have been owned again. Well i am smart not to let you see the actual url string, else you will secure yourself? Still call me a script kiddie?? Think harder. Challenge me?? Why not do something to your site rather than challenging people here and there? Need to know the actual payload and url string? Call me. You are lucky i didn't use xss to portscan your internal network or cause a defacement and make you look like a fool. Respect others and respect yourself.



The Hacka Man

9 comments:

Anonymous said...

How would you use client-side XSS to scan their LAN ?

Anonymous said...

No answer ?

euronymous said...

BeEF or XSSshell...of course no response..you're a script kiddie ::(

Anonymous said...

I know those tools, but I haven't looked at them so far.
I'm curious, how XSS does port-scanning to a webservers LAN.

Anonymous said...

Didn't found a way to port-scan the webhoster's LAN.
So, how is this done ?
(Scanning a client's LAN using JS is uninteressting here.)

Anonymous said...

No answer again ?

Anonymous said...

Well, I'm still around waiting for a good answer. ;)

How would one manage to hack directly into a private LAN using an XSS-flaw on their Internet-website (Internet not Intranet). Misconfigured web servers (working like a proxy) do not require XSS. And there should be no need to trick someone on the internal LAN via e-mail (including a link to their website using the XSS-flaw in it)!

How would one do that? I really think, that there's no way.

Adi said...

Find Internet Marketing resource hare Online Marketing Strategy Internet Marketing Tools Online Marketing Campaign Online Marketing Business Online Marketing System Online Business Online Home Business Online Business Tips Internet Marketing Online Online Marketing Affiliate Marketing Online Marketing Success Selling Online Free Online Marketing Online Marketing Tools Online Marketing Blog

Miqdad said...

Oes Tsetnoc one of the ways in which we can learn seo besides Mengembalikan Jati Diri Bangsa. By participating in the Oes Tsetnoc or Mengembalikan Jati Diri Bangsa we can improve our seo skills. To find more information about Oest Tsetnoc please visit my Oes Tsetnoc pages. And to find more information about Mengembalikan Jati Diri Bangsa please visit my Mengembalikan Jati Diri Bangsa page and other update like as Beratnya Mengembalikan Jati Diri Bangsa, Mengembalikan Jati Diri Bangsa di perpanjang and Jangan Berhenti Mengembalikan Jati Diri Bangsa. Thank you So much.

Oes Tsetnoc | Lanjutkan Mengembalikan Jati Diri Bangsa