Author: 0x90
-
Archive: Cisco Subscriber Edge Services Manager Cross Site Scripting And HTML Injection Vulnerabilities
Hello ! recently i found a vulnerability in Cisco Subscriber Edge Services Manager which enables the attacker to exploit the XSS and HTML Injection bug ! Details can be checked on Xc0re I think all the versions are affected! #Xc0re Security Research Group Archive
-
Archive: Email Id leak in email servers !
Actually servers as illustrated in the above picture some times leak email ids which help spammers to pin point an email address to spam ! As seen above xt3m3@<target host.com> didnt work because it didnt exist and the server gave a message user unknown ! Attempts are made until a legit email isnt discovered thus the…
-
Archive: if { web applications } then {system intrusion}
Now ! a days every one hears about ASP , PHP or Asp.net. These frameworks have enabled programmers to make dynamic websites. Well web applications can be a heaven for some but a disaster for others . Let me directly cut to the chase . Well for instance you encounter a website www[.]dummy[.]org which runs…
-
Archive: How tunneling softwares compromise internal security
First off let me explain what tunneling really is ? Well to make it simple i wont go into technical details but would say that for example you take a LAYS chips packet and put some thing in side it , that you are usually not allowed to send and you seal it back and…