-
Recent Posts
- Extending Burp Suite to solve reCAPTCHA
- Decrypting suhosin sessions and cookies.
- Clickjacking and XSS for reading autocomplete credentials.
- JavaScript and Daylight Savings for tracking users.
- Google TOTP Two-factor Authentication for PHP
- Exploit: PHPCaptcha / Securimage is not secure.
- Javascript keylogger in JQuery.
- Clickjacking and Phishing with help from the HTML5 JavaScript Sandbox
Recent Comments
Archives
Categories
Tag Archives: XSS
Clickjacking and XSS for reading autocomplete credentials.
By combining Cross Site Scripting (XSS) with Clickjacking and JavaScript it is possible to extract passwords and data stored within the browsers Autocomplete cache. Autocomplete is a feature supported by all browsers to cache input field values – it can … Continue reading
Javascript keylogger in JQuery.
I needed to capture someone’s login credentials using cross site scripting. However I had 3 problems. Firstly there was no XSS on the login page, secondly the only XSS was reflected, meaning it only affected the current page and thirdly … Continue reading