← Back to Users
danielkennedy74's activity in the archive.
Persistent XSS on Twitter.com - http://praetorianprefect.com/archives/2010/06/persistent-xss-on-twitter-com/
http://praetorianprefect.com/archives/2010/06/114000-ipad-owners-the-script-that-harvested-their-e-mail-addresses/
The following links to an example of using this vulnerability in Metasploit to compromise a user's PC, in essence what happened to users at Google and some 30 other companies via bad actors assumed to be Chinese Nationals: http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/
The tool didn't send data to decafme, didn't open any backdoors, isn't really disabled for anyone with half a brain, and was a stunt but never a hoax: Reactivate DECAF in two minutes: http://praetorianprefect.com/archives/2009/12/reactivating-decaf-in-two-minutes/
Slashdot Mirror
Persistent XSS on Twitter.com - http://praetorianprefect.com/archives/2010/06/persistent-xss-on-twitter-com/
http://praetorianprefect.com/archives/2010/06/114000-ipad-owners-the-script-that-harvested-their-e-mail-addresses/
The following links to an example of using this vulnerability in Metasploit to compromise a user's PC, in essence what happened to users at Google and some 30 other companies via bad actors assumed to be Chinese Nationals: http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/
The tool didn't send data to decafme, didn't open any backdoors, isn't really disabled for anyone with half a brain, and was a stunt but never a hoax: Reactivate DECAF in two minutes: http://praetorianprefect.com/archives/2009/12/reactivating-decaf-in-two-minutes/