Videos
Published on May 19th, 2009 📆 | 8164 Views ⚑
0DotAttacker
https://www.ispeech.org
A simple script that exploits DotDefender, called dotattacker. It sends an HTTP request to a website protected by DotDefender, with a "host" header that contains html tags. The log viewer renders those html tags (stored xss) and executes the javascript within the local computer zone. This allows attackers to read files off the hard disk, and any web page that the admin has access to.
Likes: 0
Viewed:
source
Gloss