Home page logo

webappsec logo WebApp Sec mailing list archives

Re: myspace hack
From: Disco Jonny <discojonny () gmail com>
Date: Sat, 15 Oct 2005 05:11:37 +0100

im bored with this now... what started as a meaningful discussion has
degenerated into i say tom-art-o you say ta-mate-oo

why haven't you gotten past the point of caring? a decent thread has
degenerated into nobbish semantics.

"What's in a name? That which we call a rose by any other name would
smell as sweet."
-William Shakespeare



social engineering, the way of life. (can we have a SE list? no?
didn't thinkso….)

Before 10/15/05 I am sure some people wrote:

I've heard people call it many names - one is Same Site Scripting.
javascript he embedded in the profile,
I personally like to use Same Domain Scripting
I coined the term Same Site Scripting
"stored xss"
It would make more sense if this was called "script injection"
This attack _is_ a classic example of Cross Site Scripting
This seems like it is an embedded XSS attack
excellent example of an XSS virus.
Cross Site Request Forgery attack (also known as a session
riding attack)
just finished reading about XSS. So this is of special interest.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]