Submit Search
Upload
Root via XSS
•
Download as PPT, PDF
•
1 like
•
444 views
Positive Hack Days
Follow
Technology
Report
Share
Report
Share
1 of 14
Download now
Recommended
Intercepting Windows Printing by Modifying GDI Subsystem
Intercepting Windows Printing by Modifying GDI Subsystem
Positive Hack Days
Random numbers
Random numbers
Positive Hack Days
Java selenium web driver
Java selenium web driver
KadarkaraiSelvam
Mobile for web
Mobile for web
Võ Duy Tuấn
Getting Started with CloudScript
Getting Started with CloudScript
NephoScale
OWASP CSRF Protector
OWASP CSRF Protector
Minhaz A V
Web Hacking series part 2
Web Hacking series part 2
Aditya Kamat
Drupal and Security: What You Need to Know
Drupal and Security: What You Need to Know
Acquia
Recommended
Intercepting Windows Printing by Modifying GDI Subsystem
Intercepting Windows Printing by Modifying GDI Subsystem
Positive Hack Days
Random numbers
Random numbers
Positive Hack Days
Java selenium web driver
Java selenium web driver
KadarkaraiSelvam
Mobile for web
Mobile for web
Võ Duy Tuấn
Getting Started with CloudScript
Getting Started with CloudScript
NephoScale
OWASP CSRF Protector
OWASP CSRF Protector
Minhaz A V
Web Hacking series part 2
Web Hacking series part 2
Aditya Kamat
Drupal and Security: What You Need to Know
Drupal and Security: What You Need to Know
Acquia
Weblogic server
Weblogic server
Smartittrainings
Weblogic online training
Weblogic online training
Smartittrainings
플랫폼 통합을 위한 Client Module 개발 & 배포
플랫폼 통합을 위한 Client Module 개발 & 배포
흥래 김
PHP and MySQL
PHP and MySQL
bmani
CLR Stored Procedures
CLR Stored Procedures
Harshana Weerasinghe
Selenium RC Overview
Selenium RC Overview
Ganesh Mandala
Presentation1
Presentation1
ankesh49
Ejabberd installation configuration
Ejabberd installation configuration
Shaojie Yang
Introduction to Wildfly 8 - Marchioni
Introduction to Wildfly 8 - Marchioni
Codemotion
Drupal Security Hardening
Drupal Security Hardening
Gerald Villorente
JBoss AS 7 따라잡기
JBoss AS 7 따라잡기
jbugkorea
Web Hacking Series Part 4
Web Hacking Series Part 4
Aditya Kamat
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Michael Coates
Ejabberd with xmpp
Ejabberd with xmpp
Prem Narain
.NET Fest 2018. Dino Esposito. ASP.NET Blazor—the C# Angular or the return of...
.NET Fest 2018. Dino Esposito. ASP.NET Blazor—the C# Angular or the return of...
NETFest
JCrawler
JCrawler
Aditya Jain
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get Diagnostics
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get Diagnostics
ShapeBlue
Apache
Apache
Fathima Ashraf
JBoss Negotiation in AS7
JBoss Negotiation in AS7
Josef Cacek
Web hacking series part 3
Web hacking series part 3
Aditya Kamat
Denis Baranov - Root via XSS
Denis Baranov - Root via XSS
DefconRussia
Secure programming with php
Secure programming with php
Mohmad Feroz
More Related Content
What's hot
Weblogic server
Weblogic server
Smartittrainings
Weblogic online training
Weblogic online training
Smartittrainings
플랫폼 통합을 위한 Client Module 개발 & 배포
플랫폼 통합을 위한 Client Module 개발 & 배포
흥래 김
PHP and MySQL
PHP and MySQL
bmani
CLR Stored Procedures
CLR Stored Procedures
Harshana Weerasinghe
Selenium RC Overview
Selenium RC Overview
Ganesh Mandala
Presentation1
Presentation1
ankesh49
Ejabberd installation configuration
Ejabberd installation configuration
Shaojie Yang
Introduction to Wildfly 8 - Marchioni
Introduction to Wildfly 8 - Marchioni
Codemotion
Drupal Security Hardening
Drupal Security Hardening
Gerald Villorente
JBoss AS 7 따라잡기
JBoss AS 7 따라잡기
jbugkorea
Web Hacking Series Part 4
Web Hacking Series Part 4
Aditya Kamat
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Michael Coates
Ejabberd with xmpp
Ejabberd with xmpp
Prem Narain
.NET Fest 2018. Dino Esposito. ASP.NET Blazor—the C# Angular or the return of...
.NET Fest 2018. Dino Esposito. ASP.NET Blazor—the C# Angular or the return of...
NETFest
JCrawler
JCrawler
Aditya Jain
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get Diagnostics
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get Diagnostics
ShapeBlue
Apache
Apache
Fathima Ashraf
JBoss Negotiation in AS7
JBoss Negotiation in AS7
Josef Cacek
Web hacking series part 3
Web hacking series part 3
Aditya Kamat
What's hot
(20)
Weblogic server
Weblogic server
Weblogic online training
Weblogic online training
플랫폼 통합을 위한 Client Module 개발 & 배포
플랫폼 통합을 위한 Client Module 개발 & 배포
PHP and MySQL
PHP and MySQL
CLR Stored Procedures
CLR Stored Procedures
Selenium RC Overview
Selenium RC Overview
Presentation1
Presentation1
Ejabberd installation configuration
Ejabberd installation configuration
Introduction to Wildfly 8 - Marchioni
Introduction to Wildfly 8 - Marchioni
Drupal Security Hardening
Drupal Security Hardening
JBoss AS 7 따라잡기
JBoss AS 7 따라잡기
Web Hacking Series Part 4
Web Hacking Series Part 4
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Ejabberd with xmpp
Ejabberd with xmpp
.NET Fest 2018. Dino Esposito. ASP.NET Blazor—the C# Angular or the return of...
.NET Fest 2018. Dino Esposito. ASP.NET Blazor—the C# Angular or the return of...
JCrawler
JCrawler
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get Diagnostics
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get Diagnostics
Apache
Apache
JBoss Negotiation in AS7
JBoss Negotiation in AS7
Web hacking series part 3
Web hacking series part 3
Similar to Root via XSS
Denis Baranov - Root via XSS
Denis Baranov - Root via XSS
DefconRussia
Secure programming with php
Secure programming with php
Mohmad Feroz
Attacking HTML5
Attacking HTML5
AppSec_Labs
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
CODE BLUE
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
Conviso Application Security
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011
Vlad Lasky
Securing Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad Lasky
wordcampgc
Owning computers without shell access dark
Owning computers without shell access dark
Royce Davis
Anatomy of PHP Shells
Anatomy of PHP Shells
Vedran Krivokuca
Introduction to php
Introduction to php
shanmukhareddy dasi
Php web app security (eng)
Php web app security (eng)
Anatoliy Okhotnikov
SSRF For Bug Bounties
SSRF For Bug Bounties
OWASP Nagpur
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Jeremiah Grossman
Hacking Client Side Insecurities
Hacking Client Side Insecurities
amiable_indian
PowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacks
Symantec Security Response
Post XSS Exploitation : Advanced Attacks and Remedies
Post XSS Exploitation : Advanced Attacks and Remedies
Adwiteeya Agrawal
Lamp Zend Security
Lamp Zend Security
Ram Srivastava
2013 OWASP Top 10
2013 OWASP Top 10
bilcorry
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
Felipe Prado
Web technologies lesson 1
Web technologies lesson 1
nhepner
Similar to Root via XSS
(20)
Denis Baranov - Root via XSS
Denis Baranov - Root via XSS
Secure programming with php
Secure programming with php
Attacking HTML5
Attacking HTML5
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad Lasky
Owning computers without shell access dark
Owning computers without shell access dark
Anatomy of PHP Shells
Anatomy of PHP Shells
Introduction to php
Introduction to php
Php web app security (eng)
Php web app security (eng)
SSRF For Bug Bounties
SSRF For Bug Bounties
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Hacking Client Side Insecurities
Hacking Client Side Insecurities
PowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacks
Post XSS Exploitation : Advanced Attacks and Remedies
Post XSS Exploitation : Advanced Attacks and Remedies
Lamp Zend Security
Lamp Zend Security
2013 OWASP Top 10
2013 OWASP Top 10
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
Web technologies lesson 1
Web technologies lesson 1
More from Positive Hack Days
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Positive Hack Days
Как мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows Docker
Positive Hack Days
Типовая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive Technologies
Positive Hack Days
Аналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + Qlik
Positive Hack Days
Использование анализатора кода SonarQube
Использование анализатора кода SonarQube
Positive Hack Days
Развитие сообщества Open DevOps Community
Развитие сообщества Open DevOps Community
Positive Hack Days
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Positive Hack Days
Автоматизация построения правил для Approof
Автоматизация построения правил для Approof
Positive Hack Days
Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»
Positive Hack Days
Формальные методы защиты приложений
Формальные методы защиты приложений
Positive Hack Days
Эвристические методы защиты приложений
Эвристические методы защиты приложений
Positive Hack Days
Теоретические основы Application Security
Теоретические основы Application Security
Positive Hack Days
От экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 лет
Positive Hack Days
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Positive Hack Days
Требования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПО
Positive Hack Days
Формальная верификация кода на языке Си
Формальная верификация кода на языке Си
Positive Hack Days
Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET Core
Positive Hack Days
SOC для КИИ: израильский опыт
SOC для КИИ: израильский опыт
Positive Hack Days
Honeywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services Center
Positive Hack Days
Credential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атаки
Positive Hack Days
More from Positive Hack Days
(20)
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Как мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows Docker
Типовая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive Technologies
Аналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + Qlik
Использование анализатора кода SonarQube
Использование анализатора кода SonarQube
Развитие сообщества Open DevOps Community
Развитие сообщества Open DevOps Community
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Автоматизация построения правил для Approof
Автоматизация построения правил для Approof
Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»
Формальные методы защиты приложений
Формальные методы защиты приложений
Эвристические методы защиты приложений
Эвристические методы защиты приложений
Теоретические основы Application Security
Теоретические основы Application Security
От экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 лет
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Требования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПО
Формальная верификация кода на языке Си
Формальная верификация кода на языке Си
Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET Core
SOC для КИИ: израильский опыт
SOC для КИИ: израильский опыт
Honeywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services Center
Credential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атаки
Recently uploaded
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
Alex Barbosa Coqueiro
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
NavinnSomaal
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
comworks
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
Alfredo García Lavilla
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Fwdays
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
charlottematthew16
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
2toLead Limited
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
Recently uploaded
(20)
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Root via XSS
1.
Root via
XSS Positive Technologies November 2011
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
Video
12.
13.
Questions ?
14.
Thank you for
your attention ! [email_address]
Download now