Man In The DOM (MiTD)

Injection, Projects, Uncategorized, Web Attacks

You are in the middle of an assessment , things are thick. SE is the only option but you are short on time. Users however are sloppy and the question begs to ask:   What’s the Worst that could happen on an unlocked screen for a few minutes? Well Take these pointers at hand: Users Leave […]

XAMPP 1.7.3 Heisting

Uncategorized, WAAS, Web Attacks

Due to the increase in Web Application Exfiltration of data it would be prudent to show a simple scenario that would have this kind of attack suffice; This is to show a vulnerability within webdav service on xampp 1.7.3. Let’s assume the setup below as a simple lab: A banking system application in PHP hosted on […]