SecurityRatty: tag: html

The Extended HTML Form Attack Revisited

2008-07-09 15:29:05 by Editor in Help Net Security - Articles

HTML forms are one of the features in HTTP that allows users to send data to HTTP servers. An often overlooked feature is that due to the nature of HTTP, the web browser has no way of identifying betw

Tags: html forms, web browser, due, features, data, users, betw, nature, feature

Compromised Web Servers Serving Fake Flash Players

2008-08-05 14:50:04 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...html file, where an IFRAME attempts to access the traffic management command and control, in a random URL it was 207.10.234.217/cgi-bin/index.cgi?user200 . A sample list of participating URLs, most of which are still active and running joseantoniobaltanas .com automoviliaria .es/hotnews.html risasnc .it/fresh.html carpe-diem...

Tags: file, html file, html, comtopnews, detopnews, windows media player, player, web, real player exploit

Google Spamming Us

2007-12-20 22:11:11 by RSnake in ha.ckers.org web application security lab

...html Not too bad for a robot. How about some totally innane Apache directory structure stuff that couldnt possibly work 66.249.73.40 - - [26/Nov/2007:00:46:03 +0000] GET /bluehat-spring-2007/?C=S;O=A HTTP/1.1 200 3681 - Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html Someone needs to figure out how UTF-7 works...

Tags: google, html http1, http1, html, google likes viagra, referrer spam, spam, google spam, con google

The DDoS Attack Against CNN.com

2008-04-22 19:30:53 by HASH0x8b2d1ec in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...html 80aft.com/cnn.htm tom765.cn/cnn.html ah930.com/cnn.htm 0851qiche.cn/cnn.html xdadmin.com/cnn.html ah930.com/cnn.html s234sdf3.cn.webz.datasir.com/cnn.asp bbscar.com.cn/cnn 120abc.cn/cn n.html hospltal.cn/cnn.html bbs.cityzx.cn/cnn.htm bestmf.cn/cnn.html anlycloud.com/cnn/cnn qibubbs.net/ddoscnn.htm maje.cn/cnn.html...

Tags: ddos, ddos-ing cnn, cnn, ddos people, warfare, information warfare attack, attack, ddos attack, chinese script kiddies

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog

...HTML document, the appropriate sanitization depends on the specific context in which the data is inserted into the HTML document. The context could be in the regular HTML body, tag attributes, URL attributes, URL query string attributes, style attributes, inside JavaScript, HTTP response headers, etc The following are some (by no means...

Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check

The top 10 spam characteristics (#1-5)

2006-10-03 04:13:56 by Administrator in Email security & compliance blog

...HTML body : HTML messages usually include a plain text version of the email so that recipients with email clients that cannot read HTML can still view the message in plain text. However, many spammers tend to send HTML messages without this plain text body part. This is done to save on size and to force recipients to read the HTML version...

Tags: spam, spam characteristics, top spam characteristics, spam characteristic, spam mails, avoid spam messages, html comment tags, comment tags, flag spam correctly

RBN's Phishing Activities

2008-02-27 13:20:49 by HASH0x8b05fb8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...html 81.95.149.226/scm/uk/lloydstsb/personal/index.html 81.95.149.226/scm/cyprus/persmain.html 81.95.149.226/scm/au/westpac/index.html 81.95.149.226/scm/au/commonwealth 81.95.149.226/scm/au/warwickcreditunion/index.html 81.95.149.226/scm/uk/lloydstsb/business/index.html 81.95.149.226/scm/uk/halifax.php...

Tags: rbn, html, historical screenshot, screenshot, rbn urls, network, russian business network, nuklus production speaks, nuklus

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog

...HTML document, the appropriate sanitization depends on the specific context in which the data is inserted into the HTML document. The context could be in the regular HTML body, tag attributes, URL attributes, URL query string attributes, style attributes, inside JavaScript, HTTP response headers, etc The following are some (by no means...

Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check

Blue Box #84: New Cisco, Avaya, Nortel VoIP security vulnerabilities from VoIPShield, Skype in China, UCSniff and other new tools, news and more

2008-10-20 08:32:28 by HASH0x8b3c68c in Blue Box: The VoIP Security Podcast

...html? r=2&partner=rssnyt&pagewanted=print http://securitywatch.eweek.com/privacy/skypechina breach is anyone really surprised.html http://www.informationweek.com/news/telecom/voip/showArticle.jhtml?articleID=210605439 Skype CEO's blog post about the issue: http://share.skype.com/sites/en/2008/10/answers to some commonly asked.html...

Tags: skype, blue box, news, tools, voipshield, comments, audio comments, podcast, skype messages

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo