Comments on: XSS attacks a practical example

By: Gareth Heyes

Gareth Heyes — Wed, 18 Jun 2008 17:45:13 +0000

@lakye

You need PHP and a web server, you can use IIS on windows or XAMPP [1]
On the mac it comes built in with Apache and PHP but there’s a nice app that lets you run it in the applications folder called MAMP [2]

http://www.apachefriends.org/en/xampp.html [1]
http://www.mamp.info/en/mamp.html [2]

Once you have those installed the examples should work when you copy the files into the web document root.

By: lakye

lakye — Wed, 18 Jun 2008 17:00:12 +0000

may i ask.. how to make this document work?

By: fragge

fragge — Wed, 19 Mar 2008 05:29:19 +0000

“; REL=stylesheet”>”

LOL

By: Gareth Heyes

Gareth Heyes — Tue, 18 Mar 2008 16:24:17 +0000

What’s the point? sigh

By: ";alert('XSS');//

";alert('XSS');// — Tue, 18 Mar 2008 16:11:57 +0000

; REL=stylesheet”>

By: Bipin 3~ Upadhyay

Bipin 3~ Upadhyay — Tue, 02 Oct 2007 20:56:37 +0000

@Gareth:
Gareth, as always, comes up with another interesting, yet simple post. hehe

@.Mario:
Thanks for the link.
BTW, is there any story behind the handle .mario?

By: Gareth Heyes

Gareth Heyes — Mon, 01 Oct 2007 22:23:31 +0000

@Joshua

No problem I’m glad I helped I might do another example soon with some more advanced stuff so stay tuned.

@Mario

Excellent link thanks

By: .mario

.mario — Mon, 01 Oct 2007 21:51:19 +0000

Hi!

Nice one! Just to mention - Kishor once created the XSS in eXceSS tool which is also great for learning. Maybe you like to take a look here:

http://h4k.in/xssinexcess

Greetings,
.mario

By: Joshua Grainger

Joshua Grainger — Mon, 01 Oct 2007 20:27:22 +0000

Thanks for this, it really helped me understand better the vectors for the strange examples.