|
|
De-anonymizer: msg#00340security.bugtraq
I have "hacked" my way out of anonymizer with Cross-site scripting: http://anon.free.anonymizer.com/http://spoor12.edup.tudelft. nl/SkyLined/docs/de_anonymizer.labs.html It uses a <SCRIPT> tag without a closing </SCRIPT> tag to fool anonymizer into allowing an onError event to pass filters. This allows me to execute javascript with obvious security breaches. Anonymizer was informed of the situation. Kind regards, Berend-Jan Wever http://spoor12.edup.tudelft.nl |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | RE: Cross site scripting in almost every mayor website: 00340, GreyMagic Software |
|---|---|
| Next by Date: | IE DoS and possibly exploitable stack overflow: 00340, Berend-Jan Wever |
| Previous by Thread: | More Cross site Scripting in PHPNukei: 00340, Replugge [ROD] |
| Next by Thread: | IE DoS and possibly exploitable stack overflow: 00340, Berend-Jan Wever |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |