Home | Projects | Articles | Search Me Web | My CV | Pic's | Contact Me

ShareStation ,   Peer-2-Peer TV       I Join CheckPoint      Subscribe   SafeCenter :   Are You Safe ?   Scan your PC online   Start Scan    Dev workshop :    web development    workshop,Demos,codes.    hit me    ask me    and i will try answer    go , ask . . .    Visitirs:       Google Desktop gadget    Free Privacy tool    to test Online    Privacy &Security.    Google Desktop gadget  Internet Security workshop    This workshop deal with recent security & privacy online threats .   this demonstrations  will not harm your PC.    Please don't use this source for other uses ,    except doing good to the world .   Peace & Love   Dror   &&(feel free to Copy&Pasta) Hacking the mass | Chinese Weekend Compromise Steps to World domination , on the Wild mass SQL injection Demo of Payload , on the Wild Ajax MDAC Exploit , on the Wild Storm Player Exploit , on the Wild Ourgame GLWorld Exploit , on the Wild VML Exploit , on the Wild Ajax Exploit , on the Wild Kodak Image Viewer Exploit , on the Wild PowerPlayer Control Exploit , on the Wild Qvod Player Exploit , on the Wild RealPlayer Exploit , on the Wild XunLei Thunder PPlayer Exploit , on the Wild Yahoo! Messenger Exploit , on the Wild IPhone Killer IPhone killer JavaScript Packers Packer de Dean Edwards, a JavaScript Compressor/Obfuscator ,by Dean Edwards a JavaScript Compressor/Obfuscator ,by Dynamicdrive.com Meta Scipts Tricks ,by me Yahoo Multiple Vulnerabilities Multiple Yahoo! Vulnerabilities and some tips and tricks ,by Nemessis Yahoo! Authentication Schemes ,by Nemessis Yahoo cookies decoder tool (old), created by i_n_f_o_w_a_r hotmail com & dror shalev A Crazy Toaster: Can Home Devices Turn Against Us? [ClubHack,India] PPT , $$ All in once ClubHack Site iToaster Src code Media Coverage Mpack web root kit demo Crazy Toaster UPnP Trojan demo Decodeed Mpack attack pics URI Handling + Internet Explorer 7 Could Allow Remote Code Execution Adobe PDF attack vector(run localy-Save As...) by pdp & cyanid-E Raed And Steal BootIni (old) by Sverre H. Huseb A Crazy Toaster: Can Home Devices Turn Against Us? [Defcon 15 Talk] PPT All in once DefCon Site Mpack web root kit demo Crazy Toaster UPnP Trojan demo Decodeed Mpack attack Crazy Toaster Src code linux upnp printer Src code fake intel access point upnp Src code Cross Application scripting IE:FireFox:Skype firefoxurl remote code execution , by toar larum Cross Browser Scripting Demo (with remote command execution) ,by Billy ,nate ,Raghav "the Pope" Dube shutdown skype ,by aviv raff Gmail Contacts CSRF -GMail Contact Information Disclosure PoC XML Entity - Zip Trick , my ver ,30-4-2007 notebook contacts for free , my ver ,16-4-2007 search history , my ver ,8-4-2007 bookmarks , my ver ,8-4-2007 Google Video , my ver ,20-3-2007 Google Spreadsheets , by me , 19-3-2007 Google Groups , by beNi , 18-3-2007 Google Docs , 1-1-2007 focus stealing vulnerabilities MSIE upload , by Michal Zalewski MSIE Paste & Steal file demo , my ver IE Exploits Threats [Tel-Aviv University |11-2-07] IE Exploits Threats History, , JavaScript evasion techniques, Heap Spray, Ajax worm abstract, , Security and Computer Forensics Forum GreenBorder Online Security Test GreenBorder Online Security Test , HTA + IE at it best , my ver XML ShellCode SetRequestHeader Microsoft XML Core Services XMLHTTP ActiveX Control CodeExecution ,ontheWild Microsoft XML Core Services XMLHTTP Open Crash , my ver Open + shell, New var,ontheWild Hotmail XSS , MyMSN Hotmail XSS , MyMSN ,by adriaan graas Hotmail info discloser, need active session , MyMSN 2005,by me me me Hotmail info discloser, need active session , MyMSN 2005,by me me me JS Port Scan JS Port Scan ,SPI Dynamics Browser Fun With HD Moore Month of Browser Bugs (MoBB) ,HD Moore MoBB #1: ADODB.Recordset Filter Property ,HD Moore MoBB #2: Internet.HHCtrl Image Property ,HD Moore MoBB #3: OutlookExpress.AddressBook ,HD Moore MoBB #4: Mozilla Firefox DesignMode ,HD Moore MoBB #5: DHTML setAttributeNode() ,HD Moore MoBB #6: StructuredGraphicsControl SourceURL ,HD Moore MoBB #7: Table.Frameset ,HD Moore Yahoo Multiple Vulnerabilities Authentication Bypass, Session Binding, Cookie Encoding Security Weakness, Cross-Site Scripting and URL Redirection ,by Rajesh Sethumadhavan IE Ajax XSS - mhtml redirect 302 can be Bad news to mails systems XSS allow read news.google.com ,by codedreamer & secunia duoble Trouble - 3 in 1 ,my ver Generic XSS via Ajax ,my ver Combo hack Web Mails via Ajax ,my ver i read Your Mail [gmail] ,my ver i read Your Mail [yahoo] ,my ver XSS allow read gmail.google.com ,my ver XSS allow read MSN ,my ver XSS allow read yahoo mail ,my ver XSS allow read gmail.google.com ,my ver Address bar Spoofing Flash IE Address Bar Spoofing,Flash ,by Hai Nam Luke ,Hanoi MetaSpolit HTML fuzzer IE Fuzzer , tool for finding Holes ,by H.D.more ,Aviv Raff Msf::Exploit::ie_iscomponentinstalled + shellcode , by Metasploit CSS Fuzzer , tool for finding Holes ,by Matt Murphy ,H D Moore,Aviv Raff, Thierry Zoller Kill IE CheckBox Shell+radio code -createTextRange Crash by MetaSpoilt.com CheckBox Shell code -createTextRange + CheckBox Crash by Computer Terrorism, Sand Blad IE Script Action Handlers createTextRange + CheckBox Crash WMF downloader Buffer Overrun on WMF files demo on the wild tool , make your own WMF downloader DOS IE MS Internet Explorer 6.0 (pre tag multiple single tags) Denial of Service by Markus Heer Crash1 - datasrc Denial of Service by Christian Deneke, Thomas Waldegger Crash - mshtml.dll Denial of Service by Christian Deneke, Thomas Waldegger CSS import + Google Desktop IE Flaw Allows Data Theft by Matan Gillon ,IL IE Flaw and Hotmail hack via Import My ver IE Prompt + window() Shell Code IE "window()" Arbitrary Code Execution Vulnerability by Stuart Pearson ,Computer Terrorism GMail owned GMail owned , a real Classico by Cesar & ANELKAOS XSS on Gmail and Google , Nir Goldshlagger & some help by me {fix by vendor after 30 days} IE Killer Nested Style IE crash[mshtml.dll] via nested Style IE crash via nested Style , my ver , kill all open IE IE Null Problemo Internet Explorer ignores NUL characters ,by heise Security Internet Explorer ignores NUL characters , paper ,by heise Security Firefox URL Domain Name Buffer Overflow(IDN) Mozilla Kill - IDN Host: ,by Tom Ferris Attacking MD5 (2 html with 1 md5)- Dan Kaminsky Lockheed Martin, md5sum c0f3adb824590b40944614268e627421 ,by Dan Kaminsky Boeing ,md5sum c0f3adb824590b40944614268e627421 ,by Dan Kaminsky badboyz honey Corner Tutorial For Sending Unlimited Nudge In Msn Messenger 7 !!! ,by badboyz honey Orkut Hacking Tutorial Pasted !!! ,by badboyz honey Mozilla XPCOMM Race Conditions Mozilla XPCOMM Race Conditions ,kill FireFox ,by JeiAr Jpeg Shit -again ICC [ms05-036] Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution ,On the Wild POC for jpeg ,On the Wild Fox on Fire - Remote compermise FireFox Mozilla Firefox "Set As Wallpaper" Code Execution Exploit ,Michael Krax (Mikx) Set As Wallpaper make Dir , my ver Data element Inject IMG JS ,Michael Krax (Mikx) Java Java , Proxy Proxy (ms05-037) A COM Object (javaprxy.dll) Could Cause IE Kill Java Java Proxy Proxy Shell Code , k-otik , fr Multi Broswer Spoofing Trick dialog origin vulnerability by secunia dialog origin vulnerability My ver Adobe Reader 7 XML External Entity (XXE) Attack-Read & Steal Local files Raed And Steal BootIni by Sverre H. Huseb Raed And Steal EtcPasswd from Linux by Sverre H. Huseb Raed And Steal EtcPasswd from Tomcat@win by Sverre H. Huseb JS 'Ghost' Script JS 'Ghost' Script by Pascal Vyncke,bl MyMSN Hack MyMSN JS revealing someones privacy by Dror Shalev 2-6-2005 Screens 2-6-2005 After Prev Bug , My Hotmail [2003] Account Was Cancelled By Hotmail , IE Crash on to many stack overflows Crash on processing embedded files with endless loop by Benjamin Tobias Franz Crash on to many stack overflows by Benjamin Tobias Franz Crash on JavaScript "window()"-calling by Benjamin Tobias Franz MSSQL BrutForce via IE MSSQL Server Passwords Bruteforce via SQL Injection & HTA (PoC) by offtopic. MSSQL Server Passwords Bruteforce via SQL Injection zip version Cross Site Clicking Cross Site Clicking by Viper FireFox cross platform remote compermise firefox 1.0.3 spoof+auto dl on the wild , by John smith Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit by k-otik favicon UniversalXPConnect by mikx screen firelinking.htm by mikx IE DHTML Object handling Exploit Basic Exploit by idefense InternetExploiter2 ShellCode by Berend-Jan Wever more Crashes milw0rm.com Mozilla Thing Mozilla Arbitrary Memory Exposure by Azafran Mozilla Firefox/Suite Information Disclosure Vulnerability by Azafran XSS Tricks XSS Cheatsheet for filter evasion by RSnake IE HTML Help Control ActiveX Cross Domain/Zone Cross-Domain Scripting vulnerability by roozbeh afrasiabi Cross-Zone Scripting vulnerability by roozbeh afrasiabi Disbale Norton AV via VBS Norton AV Bypass Script NavByPass.vbs Spoofing URL URL spoofing bug in Excel By malware , the man URL spoofing via magic dns By malware , & "bitlance winter's" ,p h i s h i n g p h o r p h u n p h o r p h u q u e s a k e Internet Exploiter MSIE IFRAME src=... name="..." BoF PoC exploit By skylined,Berend-Jan Wever CodeNow-encoder/decoder script By skylined IE spoof via XSS a generic cross-site-scripting situation By Malware Adress Bar XSS Inject my ver Google Google Custom XSS By Jim Ley Google Simple Custom XSS By Jim Ley Adress Bar XSS Inject my ver he is back - xml XSS Yet another IE aperture ,by the Source -Georgi Guninski Jpeg Shit Jpeg Trojan , on the wild Google ToolBar Inject GoogleToolbar's About section allows injection of script , by Viper GoogleToolbar's About , local zone , my ver Phising Tricks Alfa Filter Phising , by mikx Fake Link email , image link , found on the Wild Fake address bar ,exploit from the Wild , used to scam citibank clients Fake address bar ,exploit from the Wild , used to scam PayPal clients IE Winamp Skin File Arbitrary Code Execution Winamp Skin File Arbitrary Code Execution Vulnerability , by K-OTik.COM found on the Wild Malware- theMan - Best of Internet security What A Drag! , auto scroll bar Drop revisited by mikx , original by http-equiv trivial scripting in the local zone & notepad icon regardless of file in XP's zip by http-equiv What A Drag II XP SP2 Deadly Drag&Drop Exe into startup ,by Mastro http-equiv Drop HTA in to user Favorites , my ver Drop a Text file in to Desktop , my ver Deadly Intranet Zone D&D by http-equiv Opera/IE Local File/Directory Detection Opera Local File/Directory Detection , by GreyMagic , IL. IE Local File/Directory Detection , by Martin [XyborG] Aberastegue Browser Address spoofing IE Address bar spoofing by Die liu yu IE Address bar spoofing , no Alerts by Die liu yu Mozilla Address bar spoofing by Tolga Tarhan Creazy Image Driver for display goes to a infinite loop by viewing a html! by Bipin Gautam FireFox spoofing FireFox spoofing by Jeff smith GreyHats - 7 vulns in IE All the examples by Paul HijackClick 3 Remote compermise by mastro Malware XSS by Paul MSIE Download Window Filename+Filetype Spoofing Vulnerability by Paul Site Spoofing by malware SSL Site Spoofing by malware, my ver Hotmail IF IE XSS - patch yet Hotmail ,7-6-2004 published anonymously 7-21-2004,in Japan shell+ShellExecute Remote compermise HijackClick 3 ,Remote compermise by Malware.com CMD + local zone + param , by Jelmer,Malware,Liu Die Yu CMD + local zone + param , my ver IE Frame XSS issue Spoofing Cross site frames ,asus bug by Malware IE execution of arbitrary code (used by spyware) IE execution of arbitrary code by Jelmer(An analysis of the 180 Solutions Trojan) IE XSS by Liu die yu (simple version) IE Address Bar Spoofing Vulnerabilities COELACANTH: Phreak Phishing Expedition ,Address Bar Spoofing Vulnerability , by bitlance and http-equiv. SSL Address Bar Spoofing Vulnerability , by mastero http-equiv ;-) Opera ver7.50 Address Bar Spoofing Vulnerabilities Opera Browser version 7.50 Address Bar Spoofing Vulnerability , by bitlance. Opera Shortcut Icon Address Bar Spoofing Vulnerability , by GreyMagic. il IE ImageMap URL Spoof Vulnerability Internet Explorer ImageMap URL Spoof Vulnerability , by Paul Kurczaba IE ms-its: and mk:@MSITStore: vulnerability Showhelp() local CHM file execution ,by roozbeh afrasiabi Showhelp() local CHM file execution ,poc code ,by roozbeh afrasiabi IE ms-its: and mk:@MSITStore: vulnerability , run exe , by use CHM file,Jelmer chm - information discloser , get user info , by use CHM file IE ms-its: and mk:@MSITStore: vulnerability download zip Windows Help Center - by wood man Windows Help Center - Dvdupgrade ,by morning_wood , the Wood man Windows Help Center - Dvdupgrade ,fake MSN DVD upgrade Fake Address bar script Fake address bar ,exploit from the Wild , used to scam citibank clients Give a Hand! Liu got a PC -for Liu Die Yu, thank you all ;-) Donate a PC -for Liu Die Yu JS Type logger Key logger by iDefense ,IE XSS , Cool demo Hotmail Hot keylogger Dror ver,Cool demo clippy Clippy IE and Microsoft clipboard poor security policy cross zone scripting in IE shell:my Desktop wallpaper by roozbeh afrasiabi shell:my Desktop wallpaper + Read cookie by roozbeh afrasiabi shell:my music XSS cross zone scripting in IE shell:my video XSS cross zone scripting in IE Shell Game XSS cross zone scripting in IE , by malware.com DiscloseNFO.html by roozbeh afrasiabi ReadCookies.html by roozbeh afrasiabi shell_my_music.htm 9628-4 Netmeeting 9628.htm 9628-1.htm 9628-2.htm 9628-3.htm Sandblad #12 Sandblad #12 Inject javascript url in history list (revisited) Sandblad #12 my ver-Codebase trick Self-Executing HTML - the all Store of Malware Self-Executing FOLDERS: Windows XP Explorer Part V by http-equiv@excite.com Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV by http-equiv@excite.com Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III by http-equiv@excite.com Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part II by http-equiv@excite.com Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part I by http-equiv@excite.com self-explanatory Outlook Express email by http-equiv@excite.com Zip : AIM Password theft found on the web VBS Bad assby dror shalev css importby star dust WMP & ADOby jelmer Arman Nayyeri Semnan, IRAN (New player) IE 5.x-6.0 allows executing arbitrary programs using showHelp() and winAmp RealNetworks fails to address Cross-Site Scripting in RealOne Player Self-Executing HTML - Part III Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV by http-equiv@excite.com IE file downloading security alerts bypass Internet Explorer file downloading security alerts bypass Webmails XSS Finjan Software Discovers a New Critical Vulnerability In Yahoo E-mail ServiceBugTraq Post Yahoo cookies decoder tool, created by i_n_f_o_w_a_r hotmail com IE Spoof URL Fake MS IE Spoof URL Fake MS email for hijack passport info by http-equiv@excite.com 1stCleanRc-Xp installation and execution of a malicious executable on a vulnerable client system -by die liu yu Free pop Blocker Pop Blocker -by dror shalev CNN Search XSS- Fake News search CNN -star dust & dror shalev Liu Die Yu Vs MS - second round IE Remote Compromise -by Getting Cache Location Cache Disclosure -Cache Disclosure Leads to MYCOMPUTER Zone and Remote Compromise Invalid ContentType -may disclose cache directory Note for "Invalid ContentType may disclose cache directory" HijackClickV2 a successor of HijackClick attack BackToFramedJpu a successor of BackToJpu attack New "Clean" IE Remote Compromise MHTML Redirection Leads to Downloading EXE and Executing Donate a PC for Liu Die Yu Kill Bill Kill Bill - Run Local XP exe & OS detection TRick Internet Explorer TRick Internet Explorer - Get the Essence of Internet Explorer Tricks IE6 ADODB Trojan ADODB as Fake Gif ,Britney.jpg Trick ADODB SSL Execution, my version ADODB Execution, my version ADODB + CodeBase Execution Check if your Vula IE6 CSS-Crash IE6 CSS-Crash ie6-crash.htm , by morning_wood Microsoft Hotmail Vulnerability - first Hotmail Worm Hotmail & Passport (.NET Accounts) Dash-3 Vulnerability , by Dror shalev 22-9-03 Paper , Post , Screen shot After Prev Bug , My Hotmail Account Was Cancelled By Hotmail , (IE & MSN expose contact list & other info-2002) Code Execution XML IE 6 XML Patch Bypass , Code Execution, Mindwarper GenXE- Generate Xss Exploits GenXE- Generate Xss Exploit Automatically by Liu Die Yu GenXE- Generate Xss Exploit LiuDieYu Vs Microsoft , Cooool New Concepts EzXpXn General theory of IE and other similar things file-protocol proxy XSS, cookie/data/identity theft, command execution NavigateAndFind protocol history ,XSS, cookie/data/identity theft, command execution window.open search injection ,XSS, cookie/data/identity theft, command execution NavigateAndFind file proxy ,XSS, cookie/data/identity theft, command execution Timed history injection ,Multi-Thread version ,XSS,cookie/data/identity theft, command execution history.back method caching,XSS, cookie/data/identity theft, command execution Click hijacking 1+1=2,Pointing IE mouse events at non-IE/system windows Download ALL LiuDieYu Papers Read Liu Die Yu Original Paper LinkillerSaveRef ,another caller-based authorization LinkillerJPU, :another caller-based authorization(is broken). Findeath, break caller-based authorization BodyRefreshLoadsJPU,refresh is a new navigation method Linkiller:break caller-based authorization NEW POSTS BackMyParentSon can be bad NEW POSTS HTML Trojan Trojan execution via WMP injection by ,k-otik Media bar ressource injection by ,jelmer Replace WMP and run by zip ,jelmer IE Object Data Remote Execution Vulnerability AOL AIM Password theft , exploit found wild on the Web test if your PC Vuln eEye - by Drew Copley , Research Engineer My Way , extend HTA & cmd http-equiv Malware.com Bad news from http-equiv Malware.com Window Media Trojan Once Again!,Malwar Microsoft ISA Server XSS ISA XSS ,Client & server Side Chromeless window vulnerabilities Chromeless , IE Chromeless window vulnerabilities Chromeless Fake Crash Web Application Secuirty DemoBank , interactive learning environment for web application security Hacking With _Javascript ,Written by b0iler for http://b0iler.eyeonsecurity.net ASP Security ,Twenty Don'ts for ASP Developers Threats and Countermeasures , From Microsoft Bypassing content filtering whitepaper , by 3APA3A Crash The Opera Denial of Service in Opera gets freeze down DoS Attack Abnormal termination is caused DoS Attack Abnormal termination is caused. DoS Attack Abnormal termination is caused. DoS Attack CPU usage goes up to 100% (depending on its specs) and the computer freezes. Copy&Paste Starge Copy&Paste Environment Variables Discloser Outlook XP IE Allow Read Office XP OutLook emails Old Bug that back from the Past (Georgi Guninski) Crash Me Buffer Overflow Collection , Send me More Fake Crash ie6-crash.htm , by morning_wood Cross-Platform Browser vulnerabilities killMozilla.htm Crash Mozilla 1.5 , by Marc Schoenefeld Cross-Platform Browser vulnerabilities [Not IE] , by meme156 First W2k3 Patch Buffer Overflow In IE's Object Tag Yahoo! Messenger Yahoo! Audio Conferencing Yahoo! Messenger Call Center Spoofing IE File Type Cup Holder on Jpg file. vbs on mdb on Jpg file. script embeded on funny picture on Jpg file. Flooding IE security zones Flood User to Execute Any Trojan. Top 10 Vulnerabilities to Windows Systems FBI Top 10 Vulnerabilities to Windows Systems (sans.org). Help Center Uplddrvinfo.htm Contains JScript Code That Permit Delete Files . Mozilla (Netscape) Netscape 7 Fake address bar Cross-Platform Browser vulnerabilities , by meme156 Steal Hotmail.com Cookie from Mozilla , liu die yu cracked restriction of 'zone' in mozilla , liu die yu . Read Inbox Hotmail.com Read Contacts Hotmail.com Read Address Hotmail.com Create Folder on Hotmail.com Top IE vulnerabilities Top IE vulnerabilities , Demos & Test . ShowHelp2 Net Send Spam Run Apps Style attack XSS - Cross site scripting Pretend Fake News Flash! Attack Self-Executing HTML Self-Executing HTML Demo , Light my Fire . Hijack Click Hijack Click To Read Local Files . Put Local Files use drag&drop . Steal File useing Drug&Drop Ctrl/Shift Steal To Read Local Files . Fake News Fake News Fake News Extend demo , CNN , MSNBC,MTV Flash XSS Multimedia MultiMedia XSS , Pretend , Steal Cookie , Inject Html,FakeNews GreyMagic On the Opera Opera's Security Model is Highly Vulnerable. Phantom of the Opera , Opera fails to format input strings in Javascript console Opera Images , Opera fails to format input strings when viewing single local images What's Next , Opera exposes the last and next URLs in the browser's history Sniffing Opera's Tracks , Opera permits indirect access to a list of URLs visited by the user in the current session. Heeeeeeelp Onther ShowHelp Method allow Run CMD with PARAM IE ,ShowHelp Method allow Run CMD with PARAM Kazaa & you Detect SuperNode , User name ,from P2P App Do You Kazaa ? , Privacy & Sercurity Problems couse by P2P App Share List Discloser , Privacy & Sercurity Problems couse by P2P App Browsing History Browsing History , Enumeration Using CSS IEHK Internet Explorer Hacking Kit , different tools and samples for playing with IE vulnerabilities. CrossZone - XSS XSS Search engine , Show NOT FIXED Cross Site Scripting Sites. Top 20 XSS Sites ask.com XSS Cisco XSS HTML Injection See How can JS file can be Inject Via any XSS FakeNews CNN, MSNBC Flash! multimedia XSS Xss Problems Via IE IsraeXSS Leading Israeli Site Have Xss Problems classic XSS html tags Who Needs Friends ? IE & MSN expose contact list & other info After Prev Bug , My Hotmail Account Was Cancelled By Hotmail "Net Send" Spam Popups via Netbios , Allow send Junk Via Internet (without IE help) Fixed Bugs By Microsoft External IE ,IE Method caching ,External html Trojan - Feel Lucky ?,IE allow write vbs on your c drive and run it IE Style Attack , Read Cookie ,XSS [crack ,read ] IE & The D-Day,Internet Explorer : The D-Day IE Document.Open() Cookie Stealing, File Reading, Site Spoofing Bug Bad Parents , Crack Local Zone [crack ,read,run ] AOL AIM AOL AIM Password theft Get Windows User IE allow write vbs on your c drive and run it Who Framed IE Bug enhanced Hotmail Hotmail & Passport (.NET Accounts) Dash-3 Vulnerability , by Dror shalev 22-9-03 Reset password -Passport.NET Hotmail [closed after 5 hours] Steal Hotmail.com Cookie from Mozilla Read Inbox Attack Seacrh Attack Style Attack , Read Cookie ,XSS [crack ,read ] Stealing Hotmail Cookie Stealing MSN Group Cookie (Passport Cookie) SaveRef Agent check Hotmail Steal Email Address(IE6) Flash Attack MSN Group Back theft Cookie Steal Win.ini Via Hotmail The Pretend MSN Clone (Key logger for hotmail password) New Email ? Server Side Cookies (XSS) classic XSS html tags Style Attack , Read Cookie ,XSS [crack ,read ] Cross Site Cookie theft (Server Side) Who framed Internet Explorer? Stealing MSN Group Cookie (Passport Cookie) Stealing Passport Cookie Via Server side yahoo Cookie Via Server side Excite Cookie Via Server side Yahoo! Mail Yahoo! Messenger Yahoo! Mail on a Risk Steal Yahoo! Cookie IE Document.Open() Cookie Stealing Style Attack , Read Cookie ,XSS [crack ,read ] Trust No One Pretend As Other Site ,SSL , Passport Zone Spoofing IE Document.Open() Site Spoofing Bug Cookies Style Attack , Read Cookie ,XSS [crack ,read ] SuperCookie via WM Cookie theft (Java script) Flash Cookie theft SSL Session Cookie Back theft Cookie IE Document.Open() Cookie Stealing Windows Info Browsing History , Enumeration Using CSS System Snoop , Common apps Snoop, by Dzzie Get Current User Get User Location Get MAC & more Check for Security Risk Pop up Killer Geo Track Geo Track , Visual Trace Route Get User Location Get MAC & more MSN Messenger Messenger Web Access Messenger Web Access(IE6) Agent check Hotmail MSN Clone (Key logger) Steal Email Address(IE6) New Email ? Run Apps Command Line Execution with PARAM Bad Parents , Crack Local Zone [crack ,read,run ] Control Panel Execution Run apps Command Execution Command Line Execution Command Execution (Run Explorer) Upload Local Files Steal file with in CTRL or Shift Press Steal Win.ini Via Hotmail Security Zone Spoofing IE Security Zone Spoofing , About Pluggable Protocol Bad Parents , Crack Local Zone [crack ,read,run ] Read Local Files IE Allow Read local files Bad Parents , Crack Local Zone [crack ,read,run ] Popup Killer See what a Popup Add window can do Unorthodox Bug Finding Techniques Unorthodox Bug Finding Techniques (by thePull) Respect - Security Read More & Links Georgi Guninski ,IE - Security Research , first one ? Liu Die Yu- Super 17 years old ,China thePull , my Hero :-) umbrella- the official site of Liu Die Yu Thor Larholm , Super expert - Unpatched IE security holes Malware- http-equiv , IE & email stuff GreyMagic - IL , hash company Andreas Sandblad - sw , security research Securiteam- Security news security focus- Bugtraq

   © Dror Shalev All Rights Reserved.