In this post, I would like to share XSS attack using IE's XSS filter. This issue was fixed in the December patch by Microsoft. (CVE-2015-6144 / CVE-2015-6176)
I spoke about this topics in the Japanese info-sec conference called CODE BLUE. You can find my name here. In my presentation, I talked about only the concept and I didn't touch details of attack techniques because it was not fixed at that time.
Today, I can finally release hidden slides! Yeah!
The real X-XSS-Nightmare slides is the following.
Some attack vectors which I have reported are not fixed yet. So, I had to remove some slides :p
You can reproduce some PoC from this page:
http://l0.cm/xxn/
I hope you will enjoy it!
Some attack vectors which I have reported are not fixed yet. So, I had to remove some slides :p
You can reproduce some PoC from this page:
http://l0.cm/xxn/
I hope you will enjoy it!
Great Article
ReplyDeleteInformation Security Projects for Final Year Students
Project Centers in Chennai for CSE
JavaScript Training in Chennai
JavaScript Training in Chennai
Aivivu vé máy bay giá rẻ
ReplyDeletegiá vé máy bay tết
vé máy bay đi Mỹ giá bao nhiêu
vé máy bay đi Pháp giá rẻ
vé máy bay đi hàn quốc 2 chiều
giá vé máy bay sang nhật bản
từ Việt Nam bay sang Anh mất bao lâu
Aivivu chuyên vé máy bay, tham khảo
ReplyDeletegia ve may bay di my
vé máy bay từ los angeles về việt nam
giá vé máy bay đi Los Angeles
chuyến bay từ canada về việt nam
good article, i like it
ReplyDeleteRC airplane
Pretty! This was 먹튀검증 an extremely wonderful article. Thank you for providing this information.
ReplyDelete