摘要:
In one day I decided to stop hunting Bugs in Facebook Mobile android , IOS and Windows phone apps and start hunting bugs in facebook.com website. I sa 阅读全文
posted @ 2016-10-23 21:05
独裁者
阅读(766)
评论(0)
推荐(0)
摘要:
var submitListener:Object = new Object(); submitListener.click = function(evt:Object) { var result_lv:LoadVars = new LoadVars(); var send_lv:LoadVars 阅读全文
posted @ 2016-10-15 17:59
独裁者
阅读(122)
评论(0)
推荐(0)
摘要:
aaa 阅读全文
posted @ 2016-10-05 16:41
独裁者
阅读(198)
评论(0)
推荐(0)
摘要:
Hello all so this post is about how I was able to hijack ton’s of domains/subdomains who using Instapage if there service got expired. What is instapa 阅读全文
posted @ 2016-10-04 10:02
独裁者
阅读(439)
评论(0)
推荐(0)
摘要:
Hackers can claim subdomains with the help of external services. This attack is practically non-traceable, and affects at least 17 large service provi 阅读全文
posted @ 2016-10-03 20:56
独裁者
阅读(433)
评论(0)
推荐(0)
摘要:
TLDR C'mon, show me the XSS domain takeover 5 mins later… So how did you take over the domain? So is this bad? 阅读全文
posted @ 2016-09-21 23:34
独裁者
阅读(296)
评论(0)
推荐(0)
摘要:
I was bug hunting on a site which looked like this: POST /snip/snippet.php HTTP/1.1 <?xml version="1.0"?> I tested in BURP for XSS in XML, and it work 阅读全文
posted @ 2016-09-21 22:44
独裁者
阅读(377)
评论(0)
推荐(0)
摘要:
dig @8.8.8.8 ANT photo.facebook.com 意思查询所有的参数 阅读全文
posted @ 2016-09-11 21:24
独裁者
阅读(1402)
评论(1)
推荐(0)
摘要:
flash与环境之间交互的几种情况:1、swf加载本域图片等(视频/jpg/gif/png/swf...)无限制2、swf加载跨域图片等(视频/jpg/gif/png/swf...)无限制使用loader3、swf请求本域数据等(txt/jsp/php/.net...)无限制4、swf请求跨域数据等... 阅读全文
posted @ 2015-12-07 21:41
独裁者
阅读(411)
评论(0)
推荐(0)
摘要:
Unfortunately,MicrosoftSQLServer'sSQLdialectTransact-SQLdoesnotsupportreadingandwritingfilesinaneasywayasopposedtoMySQL'sLOAD_FILE() functionandINTOOU... 阅读全文
posted @ 2015-06-19 16:28
独裁者
阅读(273)
评论(0)
推荐(0)
浙公网安备 33010602011771号