サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
アメリカ大統領選
www.gnucitizen.org
I am stuck at the Dubai International Airport and I have nothing else interesting to do. So, I though I might share a simple technique which will go into the Agile Hacking project. Here I will show you how to create a reverse command shell without using any 3rd-party tools such as the all mighty netcat. When we compromise a machine we often need to provide ourselves with a user friendly access to
"With great power comes great responsibility", but those with great power usually aren't that responsible. Nevertheless, we try to be responsible as much as we can. In the following post, ap and I are going to expose some secrets, which may make you question our values at first, will definitely make you feel worried about "Why is all this possible?", and may even make you hate us in your guts for
In this post I am going to show you how someone can remotely install a simple, persistent filter within a GMail account and download all previous as well as snoop onto all future email conversations. The following sequence of screenshots describes how the attack works. [![GGEHT Seq1](/files/2007/09/ggeht-seq1-248x150.jpg "GGEHT Seq1")](/files/2007/09/ggeht-seq1.jpg) [![GGEHT Seq2](/files/2007/09/g
For those of you who like jQuery but cannot find any sensible way of including external JavaScript files, here is a solution for you. I come up with this solution while developing Mashina, my browser based exploitation framework. http://www.gnucitizen.org/blog/jquery-include/jquery.include.js In order to include JavaScript source files you have to do the following: $.include('http://path/to/scr
Everybody knows about it. Everybody talks about it. We had a nice party. It is time for estimating the damages. In this article I will try to show the impact of the Universal PDF XSS vulnerability by explaining how it can be used in real life situations. For those who has slept over the last two days, here is a short introduction of what this talk is going to be about: The Universal PDF XSS issue
AttackAPI provides simple and intuitive programmable interface for composing attack vectors with JavaScript and other client and server related technologies. AttackAPI is standard part of many public and private security related projects supported by GNUCITIZEN and other organizations. This library may be treated as open source (GPLv2) project. As such, feel free to extend upon it. Keep in mind, t
XSS attacks are nothing new, but an evil mind can find ways to use them to bypass border firewalls and highly expensive intrusion prevention systems in order to attack your organization from inside. This post outlines an example of how to use QuickTime Movie files to trick the user into executing malicious JavaScript code. The technique presented here does not rely on a vulnerability bur rather on
SPI Dynamics released a paper on how to port scan and do other cool stuff with JavaScript. I’ve found the paper quite interesting, so I decided to make my own port scanner in JavaScript. My aim was to build the port scanner small, cute, reusable and fast. After a couple of hours fiddling around with IMG tags and other DOM elements I came up with the following solution. The code depends on your con
このページを最初にブックマークしてみませんか?
『https://www.gnucitizen.org/』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く