Most people are already aware of using XSS to pop alerts or steal cookies. Today I’d like to show XSS password stealing.
The following is an older Easy Chat Server Exploit for versions <3.1 (CVE-2004-2466). That said, this is a great example of utilizing SEH for exploit writing and reliability.
This week I’d like to show XSS without dots, as a method of filter avoidance.
While a bit late, I finally found (some) files to do a BSides Raleigh CTF write-up.
I recently added a Samsung GS5 Nethunter to my arsenal, and it was quite easy to set it up.
For those of you looking for links after my talk, I’m glad to finally release my CTF resources.
For those of you who were unable to attend CarolinaCon 13 this past weekend (19-21 May), then you definitely missed out on a great con.