Tagged Questions
4
votes
1answer
130 views
Why would a user agent string be executed?
I'm having trouble understanding how a particular XSS vulnerability might arise in the real world. Guides for two of the exercises on hackthissite.org:
...
0
votes
2answers
1k views
Ways to completely spoof browser user agent and hiding OS to a webserver
This is a follow-up to the following question: Can a website determine what OS or web browser a visitor is using if the useragent is blanked/changed?
If I have understood the answers correctly, a ...
8
votes
4answers
709 views
I've encountered JavaScript attack code - how do I search for information on the exploit's specifics?
So, I clicked on a reasonably-looking LinkedIn invite, not thinking about hovering overing the link first, since usually the e-mail client warns me about such things.
Once I realized I landed on an ...
41
votes
3answers
3k views
I found obfuscated code in a comment on my blog. What should I do?
Today I was checking comments on my blog and I found a strange comment, here is the exact text
<script>var ...
2
votes
2answers
190 views
Identify code being run on website
I do not normally deal with internet security problems but this one has got me interested.
The issue is with a specific site, lets say example.com, and how it it visited.
If the address is typed ...
3
votes
2answers
516 views
How can JavaScript be tampered with while viewing a web page?
I often hear about how client side JavaScript can't be relied on because it can easily be changed. How exactly can it be changed, what program would be used to modify the JavaScript before a page ...
