DotNetKick.com is an open-source project. Please report any bugs and let us know your great suggestions. Currently running svn revision 637 (rss)

Kick Spy!, Kick Zeitgeist and Kick Widgets

1
kicks
Intel has video repository
submitted by Neo_4583 2 years ago

neo-official.blogspot.com — I think all of you like the idea that you don't have to read content in Channel 9 at msdn http://channel9.msdn.com/ I found that intel did something similar

Add a comment 1 comment | category: | Views: 0 | Get KickIt image code
tags: , | tag it

new Add a live kick counter to your blog >> liveImage

You can even customize the image by choosing your own colors, and then clicking the button below to update the preview and the html code:

  • "Kick It" text
  • "Kick It" background
  • kick count text
  • kick count background
  • border

Simply copy and paste this HTML into your blog post.


Users who kicked this story:
Neo_4583

Comments:
elSalmao Alikum
Dear Ahmed, thanks for the nice article, you're mentioning something that already happen to me, it is a simple page with a client-side script which could be XSS as you mentioned, but anyway they kept the session-ID, and then they can get access EVERY TIME to the email "Hotmail" I even challenged the guy to change the account password after I change it, and still he can get access to it somehow and change it again and again !... weird,…

Anyway, in your previous post you mentioned the Session-ID and I was wondering what do you mean by session-ID, do you mean this long query-string sent on the Hotmail pages url, or this is a Session-ID created by the browser itself ?

Because I don't understand what is the relation of any link that could be sent using the MSN itself and when I open the link "click the link direct" it will open-up the associated program of that link "which is IE Internet Explorer", means it will execute the url "shellExecute API" , the browser will "navigate" to the given URL ? what is wrong with that?

Another question,… XSS can give you the access to the information from whatever the DOM of the HTML object or any element maybe, but what is the type of information that would be used to let another user get access to the Hotmail email, ? I don't think it is the url?, if I give you the link of my INBOX once I logged, you will not be able to view the link, unless you pass the authentication first ! ?

Thanks
Jazakum Allahu Khayran
Your friend "Mohamed Shehata "a.k.a "S|M|O|K|E"
posted by smoke 2 years ago



information Login or create an account to comment on this story
 

Sponsored Link: www.carlist.ie

Search:

Ads by The Lounge

You are the editor:
View upcoming stories
Submit a story
How else can I help?
Earn money
Tags: all tags - your tags