The slides of our @BlackHatEvents Talk on XSSI are now online http://goo.gl/39orfD cc @kcotsneb @datenkeller
@slekies @BlackHatEvents @kcotsneb @datenkeller in chrome <script>var o={"first":"Foo","last":"Bar"};</script> iirc lets you brute "Foo"
-
-
@slekies@BlackHatEvents@kcotsneb@datenkeller if you can detect blocking. iirc the auditor truncates the script body at the comma -
@slekies@kcotsneb@datenkeller it's somewhat theoretical, but still something to be aware of
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.