Full Disclosure mailing list archives
Re: Re: micosoft.com xss
From: "Thomas Pollet" <thomas.pollet () gmail com>
Date: Tue, 8 Aug 2006 10:18:56 +0200
On 08/08/06, Mad World <penetrator () home in th> wrote:
Why do you need it ? You already discovered xss, the rest of "job" is just matter of technique. I think majority of xss submitters here could do it by various means. M$ is lost in its own complexity of how to do simple things. If you could ever give me reasonable answer for why do you need this $hit - I could give you the "rest", like others could.
I doubt you actually tried getting js executed on page load (for some reason they try to prevent xss in a number of ways). I did try and didn't succeed, that's why I ask. Greets, Thomas
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- micosoft.com xss Thomas Pollet (Aug 07)
- <Possible follow-ups>
- Re: Re: micosoft.com xss Mad World (Aug 07)
- Re: Re: micosoft.com xss Thomas Pollet (Aug 08)
- Re: Re: micosoft.com xss Mad World (Aug 08)
- Re: Re: micosoft.com xss Mad World (Aug 08)
- Re: Re: micosoft.com xss Thomas Pollet (Aug 08)