Considering that a lot of people use JS in their browsers...

1. Copy the cookie value of perlmonks.org to another cookie for mycustomserver.com
2. Post a cute link or something and have the victim visit it at SOME time, either via cb, a node or something.
3. On mycustomserver.com, have your home page capture the cookie and write it somewhere. Then it's a matter of reusing that cookie.


As for passwords, I haven't played much with iframes, js and capturing form fields yet, but I wouldn't be surprised if something can't be concocted.

Just some thoughts on your comment. And what BUU is pointing out is that if someone does hack the server and gets all passwords, the site becomes useless, and everyone has to start over.


Play that funky music white boy..

In reply to Re: Re: User Editor Page and clear text passwords by exussum0
in thread User Editor Page and clear text passwords by exussum0
