11 Jul 2009

Hacking CSRF Tokens using CSS History Hack

Against a JavaScript and CSS CSRF token finder, a CSS approach is shown by an increasing number of security and technology researchers to be able to hack CSRF tokens without JavaScript injection or similar measures to prevent files of that method from being utilized. Exemplified that “brute force” attacks on

11 May 2009

Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection

Conventions: Attacker Domain – Securethoughts.com; Target Domain – 50webs.com. If you don’t remember, there was an important XSS vulnerability reported in all major browsers a while ago – IE7, Firefox and Opera. More information is available in the Secunia advisories here. The vulnerability was that if you don’t specify a charset in your

11 Feb 2009

Unauthorized TinyURL URL Enumeration Vulnerability

Even some of the most commonly used features on social media and computers have the potential for exploitation and manipulation. TinyURL is a well-known feature that condenses long URLs into short and easily communicable ones. This is particularly useful for websites such