EspañolCross-site scripting (XSS) is a vulnerability that allows an attacker to inject code (usually HTML or JavaScript) into a web. When a victim sees an infected page, the injected code runs in his browser.
Today we bring a Cheat Sheet about this vulnerability that is not the best known by the common user but is one of the most appearing on the webs.
Continue reading
Power belongs to the people who take it
Tag: hack (Page 2 of 2)
In this post we’ll see how you can create a FakeAP wich substitutes an existent one by clonning his ESSID, MAC and de-authenticates the users who are connected to cause them to automatically connect to our FakeAp.
In this POC our victim Access point will be that of a simulated hotel that have a captive portal that asks for a password to access navigation. Our final objective will be steal credentials from a user of that hotel WIFI.
Continue reading
Sorry, this entry is only available in European Spanish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.
En este post veremos de forma práctica el secuestro de Sesiones PHP a través de un ataque de inyección XSS(Cross-site Scripting). Una mala validación de los campos sumado a la falta de protección en nuestras variables $_SESSION pueden provocar esta vulnerabilidad.
Continue reading
Today we bring a new writeup of Hackthebox. This time it’s Valentine
Continue reading
Redes Sociales
© 2024 ironHackers
Theme by Anders Noren — Up ↑