[Owasp-turkey] Owasp-turkey Digest, Vol 32, Issue 9
Onur YILMAZ
contact at onuryilmaz.info
Wed Nov 18 09:02:26 EST 2009
XSS şart değil aslında, başka şeyler de hazırlayabiliriz : )
TR karakterleri neden kaynaklanıyor bilmiyorum ama bir bakalım mail-listten
kaynaklı bir şey mi diye.
From: owasp-turkey-bounces at lists.owasp.org
[mailto:owasp-turkey-bounces at lists.owasp.org] On Behalf Of Oğuzhan YILMAZ
Sent: Monday, November 16, 2009 7:14 PM
To: owasp-turkey at lists.owasp.org
Subject: Re: [Owasp-turkey] Owasp-turkey Digest, Vol 32, Issue 9
Bu XSS Case'leri biraz daha sık yapalım çerez tadında çok zevkli oluyor. ;)
Bu arada benim mail-list ayarlarında TR karakterler dağılıyor. Efektif
kullanamıyorum e-posta list'ini.
Oğuzhan
2009/11/16 <owasp-turkey-request at lists.owasp.org>
Send Owasp-turkey mailing list submissions to
owasp-turkey at lists.owasp.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.owasp.org/mailman/listinfo/owasp-turkey
or, via email, send a message with subject or body 'help' to
owasp-turkey-request at lists.owasp.org
You can reach the person managing the list at
owasp-turkey-owner at lists.owasp.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Owasp-turkey digest..."
Today's Topics:
1. Re: XSS - Blacklist Bypass (serkon...)
----------------------------------------------------------------------
Message: 1
Date: Sun, 15 Nov 2009 12:27:20 -0800 (PST)
From: "serkon..." <serkons at yahoo.com>
Subject: Re: [Owasp-turkey] XSS - Blacklist Bypass
To: owasp-turkey at lists.owasp.org
Message-ID: <75546.93388.qm at web55504.mail.re4.yahoo.com>
Content-Type: text/plain; charset="utf-8"
Chrome 4.0.223.11 surumunu kullaniyorum. Nedeni bu olabilir. Yarin baska bir
makinada daha deneyecegim.
Best regards
Serkon ...
________________________________
From: Onur YILMAZ <contact at onuryilmaz.info>
To: OWASP-T?rkiye <owasp-turkey at lists.owasp.org>
Sent: Sun, November 15, 2009 1:58:55 PM
Subject: Re: [Owasp-turkey] XSS - Blacklist Bypass
Selamlar,
Chrome 3.0 da denedim, hepsi
?al???yor, bir sorun yok bende.
?yi ?al??malar.
From:owasp-turkey-bounces at lists.owasp.org
<mailto:From%3Aowasp-turkey-bounces at lists.owasp.org>
[mailto:owasp-turkey-bounces at lists.owasp.org] On Behalf Of serkon...
Sent: Sunday, November 15, 2009 1:59 AM
To: owasp-turkey at lists.owasp.org
Subject: Re: [Owasp-turkey] XSS - Blacklist Bypass
<script
> alert(1); </xssscript>
daha once ekleyen oldumu bilmem.
Ayrica eklemek istedigim bir gozlem var: Google chrome da bu xss
saldirilarindan yanit alamadim. Sizlerinde denemenizi oneririm.
Best
regards
Serkon ...
________________________________
From:Onur YILMAZ <contact at onuryilmaz.info>
To: OWASP-T?rkiye <owasp-turkey at lists.owasp.org>
Sent: Thu, November 12, 2009 3:11:37 PM
Subject: [Owasp-turkey] XSS - Blacklist Bypass
Selamlar,
Ufak bir XSS case?i haz?rlad?k. Case?i haz?rlarken web
developerlar?n yapt??? klasik bir eksik g?venlik fark?ndal???n? temel ald?k.
Javascript:alert(1) kodunun i?levini g?ren bir kod ile
ilgili case?i bypass etmek gerekiyor. Yani klasik ?ekilde ekrana alert
(uyar?)
verdirmek laz?m.
Bakal?m ?nce kim bypass edecek :p
Case: http://onuryilmaz.info/XSS/
Kolay gelsin.
Onur
YILMAZ
onuryilmaz.info
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.owasp.org/pipermail/owasp-turkey/attachments/20091115/c3cecd34
/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: chrome.jpg
Type: image/jpeg
Size: 28446 bytes
Desc: not available
Url :
https://lists.owasp.org/pipermail/owasp-turkey/attachments/20091115/c3cecd34
/attachment-0001.jpg
------------------------------
_______________________________________________
Owasp-turkey mailing list
Owasp-turkey at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-turkey
End of Owasp-turkey Digest, Vol 32, Issue 9
*******************************************
-------------- sonraki bölüm --------------
Bir HTML eklentisi temizlendi...
URL: https://lists.owasp.org/pipermail/owasp-turkey/attachments/20091118/9ae6b78b/attachment.html
More information about the Owasp-turkey
mailing list