[OWASP-Ireland] Technical explanation of the MySpace worm

Damien Conlon damien.conlon at eurokom.ie
Fri Nov 4 06:31:46 EST 2005

If you haven't heard of the MySpace worm, read this first:


Now, although the above is fairly technical, I came across this the other day, written by the author himself:


Anyone interested in cross-site scripting should read the full article; it makes fascinating and fun reading. It's also a very interesting lesson on the pitfalls of 'enumerating badness'.

More information about the Owasp-ireland mailing list