-
Recent Posts
- Extending Burp Suite to solve reCAPTCHA
- Decrypting suhosin sessions and cookies.
- Clickjacking and XSS for reading autocomplete credentials.
- JavaScript and Daylight Savings for tracking users.
- Google TOTP Two-factor Authentication for PHP
- Exploit: PHPCaptcha / Securimage is not secure.
- Javascript keylogger in JQuery.
- Clickjacking and Phishing with help from the HTML5 JavaScript Sandbox
Recent Comments
Archives
Categories
Tag Archives: Clickjacking
Clickjacking and XSS for reading autocomplete credentials.
By combining Cross Site Scripting (XSS) with Clickjacking and JavaScript it is possible to extract passwords and data stored within the browsers Autocomplete cache. Autocomplete is a feature supported by all browsers to cache input field values – it can … Continue reading
Clickjacking and Phishing with help from the HTML5 JavaScript Sandbox
HTML5 has some nice new features one of which is JavaScript Sandboxing using iframes. Chrome is currently the only browser to support this but you can be sure others will soon follow. The sandbox allows control over what can be … Continue reading