[TOOL] JavaScript Attacks with AttackAPI
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 18 Sep 2006 13:48:55 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
JavaScript Attacks with AttackAPI
------------------------------------------------------------------------
SUMMARY
DETAILS
AttackAPI provides simple and intuitive web programmable interface for
composing attack vectors with JavaScript and other client (and server)
related technologies. The current release supports several browser based
attacking techniques and simple but powerful JavaScript console.
You can download the tool here:
<http://www.gnucitizen.org/blog/google-search-api-worms>
http://www.gnucitizen.org/blog/google-search-api-worms
ADDITIONAL INFORMATION
To keep updated with the tool visit the project's homepage at:
<http://www.gnucitizen.org/projects/attackapi/>
http://www.gnucitizen.org/projects/attackapi/
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Prev by Date: [EXPL] Internet Explorer COM Object Heap Overflow Download Exec (Exploit)
- Next by Date: [UNIX] ReviewPost File Inclusion (RP_PATH)
- Previous by thread: [EXPL] Internet Explorer COM Object Heap Overflow Download Exec (Exploit)
- Next by thread: [UNIX] ReviewPost File Inclusion (RP_PATH)
- Index(es):
Relevant Pages
- [NT] Internet Explorer Print without Prompting
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... The vulnerability can be
exploited by using JavaScript, HTML ... (Securiteam) - [REVS] Misunderstanding Javascript Injection: Web Application Abuse via Javascript Injection
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Misunderstanding Javascript
Injection: Web Application Abuse via ... various security oriented mailing lists, there
are issues Tim has not seen ... (Securiteam) - [UNIX] Konqueror DoS via JavaScript Read of FTP iframe
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Konqueror DoS via JavaScript Read
of FTP iframe ... Konqueror crashes if JavaScript code tries to read the source
of a child ... Gentoo and Debian running KDE 3.5.5. ... (Securiteam) - [NEWS] Yahoo! Mail Cross-Site Scripting Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Finjan has discovered a script
injection vulnerability in Yahoo! ... Yahoo s mobile code filtering mechanism is
based on an active content ... of the JavaScript protocol and upon identification ...
(Securiteam) - [NEWS] Internet Explorer and Opera JavaScript Ghost Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... A bug in Internet Explorer and
Opera's processing of JavaScript allows ... visible to the user if the user asks for the
source code of the HTML page. ... If the user browser is vulnerable for this vulnerability,
... (Securiteam)
