headermask image

header image

category archive listing Category Archives: xss

Orkut Latest XSS Worm; and what it means for Indian Orkuteers

December 20, 2007 – 3:14 pm

Update: Kishor reports a flaw in the implementation of “private” videos feature on Orkut. Although I am at office and I haven’t checked it yet myself, I believe I can trust him, based on his posts at Slackers. Nice one Kishor. 1. YAWN [Yet Another Worm, Nanny] Orkut (Google’s MySpace and Facebook for Indian, Pakistan [...]

By Bipin 3 Upadhyay | Also posted in cyberlaw, defacement, education, google, guide, irony, life, news, review, security, webappsec | Comments (16)

The Web is Broken

October 12, 2007 – 5:54 pm

Update: I somehow managed to make a blunder. A part of slide no. 12 was taken from David Kierznowski’s (of GNUCitizen and Blogsecurity group) presentation for OWASP Belgium Conf. I missed out on mentioning David’s name is the credits. Apologies David. I’ve updated and re-uploaded it. Yesterday, I presented my first Webinar (Seminar on Web). [...]

By Bipin 3 Upadhyay | Also posted in csrf, defacement, google, hack, hackers, humour, life, review, script, security, webappsec | Comments (0)

IFrames – To be or not to be?

September 10, 2007 – 3:22 pm

Update: Aah. It’s not that there couldn’t have been any better news , but today’s News is that Ma1 has agreed to provide feature to block frames through NoScript from the next version (1.1.7). NoScripts Rocks. Oh and Yes! Ma1 Rocks too …;) I have been pretty busy since the last few weeks (and this [...]

By Bipin 3 Upadhyay | Also posted in bug, csrf, hack, hackers, loophole, news, security, webappsec | Comments (0)