Parsons Software Security Consulting Blog

Archive for the ‘O2’ Category

XSS Exploit with 02 continued on Google Demo Hack Site

leave a comment »

In the spirit of Cross Site Scripting exploits with 02 we will continue to exploit using 02 XSS exploit script. This time I will use the script from Dinis Cruz’s powerful 02.

We are going to select XSS builder.

Google is kind enough to offer an attack website, Gruyere.  Only attack websites you are authorized to  attack.  Parsons Software Security Consulting, LLC assumes no liability in any damage that you do from unauthorized hacking.

We are going to attack the login page.

The website is vulnerable to XSS.  Next time we will create a script to show this attack and do a defacement.

If you have any questions or comments feel free to contact Matt Parsons.

Also Parsons Software Security Consulting, LLC is offering free unauthenticated web penetration test to the first 10 companies that respond by the end of the year 2010.

Written by mparsons1980

November 24, 2010 at 9:49 pm