Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Exploiting XSS
From: Ravi Gopal <ravigopalt () gmail com>
Date: Wed, 03 Dec 2008 10:35:53 +0530
Dear List,
I'm doing a WAPT for a website and found many XSS issues (both Stored and Reflected). I wanted to do more and show to the customer, apart from normal script injection and getting it popped up. 

Consider that u found an XSS issue in a field and your script is running,

  1. Now what are the further steps for exploiting XSS completely????
  2. How an attacker can really make  use of  it?
  3. How to Compromise ??
  4. What are the real world scenarios can be used

Looking for few good inputs/imlementations/expolits/BooKs ..............

Thanks in advance,

Cheers,
White hat

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]