Submit Search
Upload
Root via XSS
•
1 like
•
1,754 views
Positive Hack Days
Follow
Technology
Report
Share
Report
Share
1 of 14
Recommended
Random numbers
Random numbers
Positive Hack Days
Intercepting Windows Printing by Modifying GDI Subsystem
Intercepting Windows Printing by Modifying GDI Subsystem
Positive Hack Days
Root via XSS
Root via XSS
Positive Hack Days
Denis Baranov: Root via XSS
Denis Baranov: Root via XSS
qqlan
Denis Baranov - Root via XSS
Denis Baranov - Root via XSS
DefconRussia
Secure Your Wordpress
Secure Your Wordpress
n|u - The Open Security Community
Cross interface attack
Cross interface attack
piyushml20
Browser exploit framework
Browser exploit framework
Prashanth Sivarajan
Recommended
Random numbers
Random numbers
Positive Hack Days
Intercepting Windows Printing by Modifying GDI Subsystem
Intercepting Windows Printing by Modifying GDI Subsystem
Positive Hack Days
Root via XSS
Root via XSS
Positive Hack Days
Denis Baranov: Root via XSS
Denis Baranov: Root via XSS
qqlan
Denis Baranov - Root via XSS
Denis Baranov - Root via XSS
DefconRussia
Secure Your Wordpress
Secure Your Wordpress
n|u - The Open Security Community
Cross interface attack
Cross interface attack
piyushml20
Browser exploit framework
Browser exploit framework
Prashanth Sivarajan
Owasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF Session
Bart Leppens
An Introduction to Sysinternals
An Introduction to Sysinternals
Riyaz Walikar
Nikto
Nikto
Sorina Chirilă
Defending Your Network
Defending Your Network
Adam Getchell
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat Security Conference
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
EC-Council
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
Ericom Software
Exploit development 101 - Part 1 - Null Singapore
Exploit development 101 - Part 1 - Null Singapore
Mohammed A. Imran
Anatomy of PHP Shells
Anatomy of PHP Shells
Vedran Krivokuca
Заполучили права администратора домена? Игра еще не окончена
Заполучили права администратора домена? Игра еще не окончена
Positive Hack Days
Owning computers without shell access 2
Owning computers without shell access 2
Royce Davis
Owning computers without shell access dark
Owning computers without shell access dark
Royce Davis
Three Years of Lessons Running Potentially Malicious Code Inside Containers
Three Years of Lessons Running Potentially Malicious Code Inside Containers
Ben Hall
Get-Help: An intro to PowerShell and how to Use it for Evil
Get-Help: An intro to PowerShell and how to Use it for Evil
jaredhaight
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Shakacon
TriplePlay-WebAppPenTestingTools
TriplePlay-WebAppPenTestingTools
Yury Chemerkin
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat Security Conference
Post XSS Exploitation : Advanced Attacks and Remedies
Post XSS Exploitation : Advanced Attacks and Remedies
Adwiteeya Agrawal
ChinaNetCloud - The Zabbix Database - Zabbix Conference 2014
ChinaNetCloud - The Zabbix Database - Zabbix Conference 2014
ChinaNetCloud
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow
Secure programming with php
Secure programming with php
Mohmad Feroz
Attacking HTML5
Attacking HTML5
AppSec_Labs
More Related Content
What's hot
Owasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF Session
Bart Leppens
An Introduction to Sysinternals
An Introduction to Sysinternals
Riyaz Walikar
Nikto
Nikto
Sorina Chirilă
Defending Your Network
Defending Your Network
Adam Getchell
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat Security Conference
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
EC-Council
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
Ericom Software
Exploit development 101 - Part 1 - Null Singapore
Exploit development 101 - Part 1 - Null Singapore
Mohammed A. Imran
Anatomy of PHP Shells
Anatomy of PHP Shells
Vedran Krivokuca
Заполучили права администратора домена? Игра еще не окончена
Заполучили права администратора домена? Игра еще не окончена
Positive Hack Days
Owning computers without shell access 2
Owning computers without shell access 2
Royce Davis
Owning computers without shell access dark
Owning computers without shell access dark
Royce Davis
Three Years of Lessons Running Potentially Malicious Code Inside Containers
Three Years of Lessons Running Potentially Malicious Code Inside Containers
Ben Hall
Get-Help: An intro to PowerShell and how to Use it for Evil
Get-Help: An intro to PowerShell and how to Use it for Evil
jaredhaight
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Shakacon
TriplePlay-WebAppPenTestingTools
TriplePlay-WebAppPenTestingTools
Yury Chemerkin
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat Security Conference
Post XSS Exploitation : Advanced Attacks and Remedies
Post XSS Exploitation : Advanced Attacks and Remedies
Adwiteeya Agrawal
ChinaNetCloud - The Zabbix Database - Zabbix Conference 2014
ChinaNetCloud - The Zabbix Database - Zabbix Conference 2014
ChinaNetCloud
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow
What's hot
(20)
Owasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF Session
An Introduction to Sysinternals
An Introduction to Sysinternals
Nikto
Nikto
Defending Your Network
Defending Your Network
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
Exploit development 101 - Part 1 - Null Singapore
Exploit development 101 - Part 1 - Null Singapore
Anatomy of PHP Shells
Anatomy of PHP Shells
Заполучили права администратора домена? Игра еще не окончена
Заполучили права администратора домена? Игра еще не окончена
Owning computers without shell access 2
Owning computers without shell access 2
Owning computers without shell access dark
Owning computers without shell access dark
Three Years of Lessons Running Potentially Malicious Code Inside Containers
Three Years of Lessons Running Potentially Malicious Code Inside Containers
Get-Help: An intro to PowerShell and how to Use it for Evil
Get-Help: An intro to PowerShell and how to Use it for Evil
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
TriplePlay-WebAppPenTestingTools
TriplePlay-WebAppPenTestingTools
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...
Post XSS Exploitation : Advanced Attacks and Remedies
Post XSS Exploitation : Advanced Attacks and Remedies
ChinaNetCloud - The Zabbix Database - Zabbix Conference 2014
ChinaNetCloud - The Zabbix Database - Zabbix Conference 2014
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Similar to Root via XSS
Secure programming with php
Secure programming with php
Mohmad Feroz
Attacking HTML5
Attacking HTML5
AppSec_Labs
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
CODE BLUE
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
Conviso Application Security
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011
Vlad Lasky
Securing Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad Lasky
wordcampgc
Introduction to php
Introduction to php
shanmukhareddy dasi
Php web app security (eng)
Php web app security (eng)
Anatoliy Okhotnikov
SSRF For Bug Bounties
SSRF For Bug Bounties
OWASP Nagpur
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Jeremiah Grossman
Hacking Client Side Insecurities
Hacking Client Side Insecurities
amiable_indian
PowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacks
Symantec Security Response
Lamp Zend Security
Lamp Zend Security
Ram Srivastava
2013 OWASP Top 10
2013 OWASP Top 10
bilcorry
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
Felipe Prado
Web technologies lesson 1
Web technologies lesson 1
nhepner
Html5 hacking
Html5 hacking
Iftach Ian Amit
My Saminar On Php
My Saminar On Php
Arjun Kumawat
Browser Hacking For Fun and Profit | Null Bangalore Meetup 2019 | Divyanshu S...
Browser Hacking For Fun and Profit | Null Bangalore Meetup 2019 | Divyanshu S...
Divyanshu
Secure PHP Coding
Secure PHP Coding
Narudom Roongsiriwong, CISSP
Similar to Root via XSS
(20)
Secure programming with php
Secure programming with php
Attacking HTML5
Attacking HTML5
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
[CB20] Operation I am Tom: How APT actors move laterally in corporate network...
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website - WordCamp GC 2011
Securing Your WordPress Website by Vlad Lasky
Securing Your WordPress Website by Vlad Lasky
Introduction to php
Introduction to php
Php web app security (eng)
Php web app security (eng)
SSRF For Bug Bounties
SSRF For Bug Bounties
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Hacking Client Side Insecurities
Hacking Client Side Insecurities
PowerShell: The increased use of PowerShell in cyber attacks
PowerShell: The increased use of PowerShell in cyber attacks
Lamp Zend Security
Lamp Zend Security
2013 OWASP Top 10
2013 OWASP Top 10
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
Web technologies lesson 1
Web technologies lesson 1
Html5 hacking
Html5 hacking
My Saminar On Php
My Saminar On Php
Browser Hacking For Fun and Profit | Null Bangalore Meetup 2019 | Divyanshu S...
Browser Hacking For Fun and Profit | Null Bangalore Meetup 2019 | Divyanshu S...
Secure PHP Coding
Secure PHP Coding
More from Positive Hack Days
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Positive Hack Days
Как мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows Docker
Positive Hack Days
Типовая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive Technologies
Positive Hack Days
Аналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + Qlik
Positive Hack Days
Использование анализатора кода SonarQube
Использование анализатора кода SonarQube
Positive Hack Days
Развитие сообщества Open DevOps Community
Развитие сообщества Open DevOps Community
Positive Hack Days
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Positive Hack Days
Автоматизация построения правил для Approof
Автоматизация построения правил для Approof
Positive Hack Days
Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»
Positive Hack Days
Формальные методы защиты приложений
Формальные методы защиты приложений
Positive Hack Days
Эвристические методы защиты приложений
Эвристические методы защиты приложений
Positive Hack Days
Теоретические основы Application Security
Теоретические основы Application Security
Positive Hack Days
От экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 лет
Positive Hack Days
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Positive Hack Days
Требования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПО
Positive Hack Days
Формальная верификация кода на языке Си
Формальная верификация кода на языке Си
Positive Hack Days
Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET Core
Positive Hack Days
SOC для КИИ: израильский опыт
SOC для КИИ: израильский опыт
Positive Hack Days
Honeywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services Center
Positive Hack Days
Credential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атаки
Positive Hack Days
More from Positive Hack Days
(20)
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Как мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows Docker
Типовая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive Technologies
Аналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + Qlik
Использование анализатора кода SonarQube
Использование анализатора кода SonarQube
Развитие сообщества Open DevOps Community
Развитие сообщества Open DevOps Community
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Автоматизация построения правил для Approof
Автоматизация построения правил для Approof
Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»
Формальные методы защиты приложений
Формальные методы защиты приложений
Эвристические методы защиты приложений
Эвристические методы защиты приложений
Теоретические основы Application Security
Теоретические основы Application Security
От экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 лет
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Требования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПО
Формальная верификация кода на языке Си
Формальная верификация кода на языке Си
Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET Core
SOC для КИИ: израильский опыт
SOC для КИИ: израильский опыт
Honeywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services Center
Credential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атаки
Recently uploaded
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
shyamraj55
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Sinan KOZAK
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
XfilesPro
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Pooja Nehwal
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Katpro Technologies
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
2toLead Limited
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
AndikSusilo4
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
Slack Application Development 101 Slides
Slack Application Development 101 Slides
praypatel2
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
LBM Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j
Recently uploaded
(20)
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Slack Application Development 101 Slides
Slack Application Development 101 Slides
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Root via XSS
1.
Root via
XSS Positive Technologies November 2011
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
Video
12.
13.
Questions ?
14.
Thank you for
your attention ! [email_address]