Archives for the Month of September, 2007

OpenID security CSS overlays

Update… Verisign have now fixed the vulnerability. I’ve written about this before but I’m sure that some people might not know the risks involved, so I’ve created a demonstration of how to use CSS and iframe overlays to take any section of a web site and place it on any other web site. The user […]

Google Adsense CSRF hole

It doesn’t seem like you’re a web security researcher these days unless you find a security hole in Google. So I had 5 minutes spare whilst drinking my brew to find a hole in Google Adsense. I’ve reported the problem to Google and I won’t release the specific details but if you’re creative you might […]

Hackvertor

I was bored again and I fancied creating something useful to easily convert between entities etc. I was inspired by Mario’s excellent encoding tool, which I really like but I wanted to be able to convert to unicode and use multiple strings at once. So I give you…. Hackvertor!! which will allow you to use […]

Combining Unicode and Hex decimal

I thought this was cool whilst experimenting, I found I could use hex decimal (ooops that’s what I get for posting on Monday morning) entities within a url to combine unicode strings to produce anything. The result is a truly obscure looking javascript, I’ve included a plain text alert to help understand what’s going on, […]

Flash XSS

I’ve known about this technique for years but everyone might not be aware that Flash can be used for XSS, so I’ve decided to do a quick post to explain. Using getURL in Flash allows you to call javascript using the javascript protocol and using the parameter allowScriptAccess enables you to perform cross domain execution. […]

Javascript for hackers

I’ve spent a bit of time experimenting with Javascript over the last few weeks and I thought I’d share some of the techniques used. First of all Javascript is a weird, cool and surprising language, it is just simply not possible to learn everything it can do. Most of these techniques were used whilst hacking/playing with […]

Noscript has iframe protection

For those of you that read my blog you’ll know that I’m not a big fan of iframes for various reasons. I wrote a Javascript/CSS scanner which uses them to scan a local area network. There was no easy way to actually prevent this stuff until now….noscript now has iframe protection which is fantastic news, […]

iframes are evil

If I was in charge of browser security I would completely remove them, they are just a bad idea, I predict a huge rise of iframe based attacks from browser exploits to CSRF. I know this won’t happen because there are too many people who use them and don’t understand the security implications. So I […]

New Spambam plugin

I’ve finally taken the time to update my spam protection plugin for WordPress, the original plugin worked well and stopped pretty much any automated spam. But I decided to update it because a few users were reporting problems on this site and other sites, for some reason it didn’t work with IE7. Rather than just […]

Window name trick

I didn’t know about this trick and I’m sure many others don’t either. You can inject javascript into the window.name and then execute that code from the new window by using eval on the window name. How cool is that? Here’s an example from Sirdarckcat:- window.name="javascript:alert((window.opener||window).document.cookie);"; The inventor of this technique Giorgio Maone is my […]