Am Mittwoch 11 Juni 2008 schrieb Aaron Katz: > Several months ago, there was a post about a proof of concept for complete > browser hijacking via XSS. IIRC, the hijacked browser would periodically > query a management server, and the management server would track the > hijacked browsers in a database. The person controlling the management > server could then instruct the hijacked browsers to do his bidding. > > The thing is, I can't find the tool. I'm wondering if anyone still knows > where it is. BeEF? (google for it, according to german law I'm probably not allowed to post this link) -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno@xxxxxxxxx
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/