i cant fucking make a t35 its so annoying when on a link almost gace me a virus stupid wanker t35

help me make h aaaacc c ks on this webiste and i will make you adddmin.

darkmarket2.forums.net.bz

wtf



wat the heck? i watchd this video many times. didnt understand any of those. mind is fuck.

is ur website stil vulnerable to script? cuz i cand see the alert :\

great video guyz ! keep it up :D

@MatteBajsKorv

Fuck off you skiddy shit. Do it manually or not at all. I bet you do some easy shit SQLi and then think ur 1337h4x.

@SixsixxGaming u gotta learn how to do it manually ur right all i find is script tutorials i wanna to learn how to do what I'm learning u should make a tutorial or whats a good forum?

@dominick1290 hackforums(.)net

go to the Website Hacking part, theres usually a new XSS, SQLi and FTP hacking tutorial (usually detailed) posted there every couple of days.

@SixsixxGaming thanks dude its a good website i already have an account

mus-clan.nl  you can sing in free ore use

wizzard-sucks

123456

u rock man................



holy shit, i never knew you could do this!

Give us the catcher file!!!

u guys are amazing. u make it look so easy.

@stephan288

It really isn't that hard if you've studied web development, and know what XSS is.

what are you studying?

computer engg?

lol cookie stealer is vulnerable to XSS.

How did you login to that site without knowing the true credentials.. ?

Good Hack On The Contact Page, Not Forums Because Vulnerability Was Fixed

Try another website ,bot

nice! greets from mexico!

good video

Finally a decent demonstration on how XSS works.Thanks guys.Greetz from Germany

i want the code for the cookie.php

Program for hacking site

megaupload. com/?d=7R8DGE92

fuckn noobie, add please a ; after your script in in the javascript clause,

and dont use it on old forum systems for showing us how l33t you are, so please stfu

You guys get thumbs up for static x intro :D

let's hack youtube!!! =)) LOL

Thank you so much guys. This is very good stuff. I think any web admin needs to watch these vids. Great insight into the vulnerabilities of web dev. Just one request, it would be great if you guys could choose a more "neutral" music intro, hehe, rather than metal which appeals to a rather small minority :P. Or at least you could equalize the volume a bit more between the intro and the demo that would be sweet. :P... good work guys. Cheers! :)

lol to all the people trying to inject html into this comments

what all programming languages are required for hacking?

and also scripting lang used for hacking?

@rockersx2x well obvoiusly there isn't a specific language for progarmming or scripting but some core languages are PHP,Perl,HTML,C++ and lots more

a=11

eval(a)



a=11



><IFrAmE SrC="jaVaScrIpt:alert(1111)"&#­62%20,%20,bbb,ccc,dd,eee,eeee,­

Online women for dating  # lushfmlk.info #

The real irony in all xss attacks is how simple they are to prevent... I've been explaining these for almost 10 years now and I'm still amused at how often these problems keep appearing in applications.. albeit, not as common as 10 years ago and sometimes not as obvious as a discussion thread but still.. nice POC

1:01 - 1:04 XD! BYPASS THAT ASS WELL OK?

are a black hat or white hat or grey hat

Bold test



PLS show the full cookie file at 3:28 pls or send it to me as personal message :)

what is the code for this cookie catcher included in the video?

whats the code for this cookie catcher?

I was just randomly researching a topic via a Google search, specifically "enzymes heat". I clicked on what looked like a legit webpage and a pop up at the top of the browser said something about blocking cross site scripting. Then about a minute or two later, the URL showed an IP address, and the screen switched to the usual "you have a trojan on your computer". What the hell is this? And why did this happen on a science webpage. I could see a porn webpage, but c'mon.

which band is that plz?

static x

Does it get the cookies of all users or just of yours?

O.O didnt understand a damn thing

what website or forum u guys tested it on? i couldn't capture cookies from any websites i tested..

u can also install apache and type localhost in your URl box to test your stuff

I use javascript to insert an iframe on page and next I send the cookies by the iframe, it's "more silent" and you didn't have to redirect the page.

Nice work :)

I have a website and i tried you're methods. The first one works. The iframe way doesn't. It doesn't send the cookies. Why?

use Firefox and see if are any syntax error on your code.

Tools - Error console (something like this)

i have question for you ,what web no have forums how send script?( sory my english so bad i now)

so what excatly can you do with the cookies

you can login as the person you stole the cookies from and do whatever you like.

Well, eat them.

you can be the user that was attacked , it's like you have the victim login values.

Imagine that you stole the admin cookies, you can login with them and do what you want (like destroy the site).

do u guys remember how to hack cookies.. and change the value of something

superb vid dude............i love it

what happened to your guys site?

did it get hacked??

What?

When you had the cookies sent to you, there was also an IP. I'm kind of confused but is there any way you could telnet/ssh or connect to that computer with the ip?

What could you do with it?

well ips dont really work like that

mmmmmm maybe yes maybe not.... it depends of the victim system....

If you were to install kismet on BT4 how would you do it

@Gregorpm I am 10 (wannabe hacker) and i understand this :D

lmao

@Jedilost1 caralho porra que foda

@Jedilost1 you are really retarded.

@JohnyFront didn't stop your mother from suckin my dick

@Jedilost1 Look who's talking...

nice vid but you peeps need linux, i only use windows if im fooling with netbios hacks etc.

Um... They do use linux. They use backtrack 3/4

ive never used tht linux i seen the start menu and windows came to mind, i wish i could get redhat tho :)

wow nice cant undestand one word you said

Well.. listen harder. I can hear him fine.

thanks a ton patchy for this.. i read almost all tutorials on hackforum but this video is the one who really explained what's really going on... thanks again

How do I find sites that are vulnerable to this attack. Any examples

could you please post your php script code - i'm am having trouble reading it all and some is offscreen. Thanks

Date and what?

Referer?

Hmm , no sites seem to be vulerable :(

could you provide me one (my risk , you take no responsibility)

thanks :D

You must not have really thought out that comment. By providing you with a website vulnerable to these attacks, they're both automatically responsible. <_<

iz it work? im gonna try it later

very very cool!

could you please post your php script code - i'm am having trouble reading it all and some is offscreen. Thanks

great

Oh man at the end you redeemed yourself boys... I thought you were just going to explain like everyone else how to steal cookies, inject xss... blah blah blah. Glad you decided to show someone how to inject the cookies you get. Couldn't have made it simpler myself either.. well maybe but still. Good job!

umm cool but kinda hard to copy all this down lol XD

oh, the sweet sounds of december...

so sweet and gentle...

gotta love death metal

You are a moron. Jamesgo is a virus that spreads through USB storage devices, and the reason it is on my site is because I explain how to remove it. I posted the code so people could mess around with it. Jamesgo is harmless if it is not executed. Jamesgo is NOT automatically downloaded onto your computer when you visit infinityexists!

Obviously you have know idea what you are talking about. You are confused with McAffee site-adviser which alerts you when it finds viruses on a website. Yes, jamesgo is on my website, but it is in a harmless zip format and is there so that people can examine its code.

As explain in my post about Jamesgo

infinityexists[dot]com/2008/01­/09/usb-worm/

Believe me if I wanted to infect people's computer I wouldn't use a virus so easily detected :)

@Gregorpm What do I need to do to learn all that? As an analogy: It seems like you're explaining Differential Equations, Linear Algebra or Complex Analysis to a guy (me) that hasn't learned basic math yet. I'm starting classes in basic HTML at my school, is that a good start to learn all that? Thanks.

i srsly hope he hacks the shit outta you for being such a fucking idiot. Maybe if you pulled your head outta your ass you'd realize that he's doing all this for Demonstration purposes and doesn't actually plan to cause harm to people's computers. Like he said, If he wanted to infect ppl's computers, he wouldn't use such an Obvious Virus...

Fucking n00bs...

I have looked up mcaffee's report (siteadvisor[dot]com/sites/inf­inityexists[dot]com/downloads/­16510046/). Key words in this report is "In our tests" that means Mcaffee downloaded the Jamesgo.zip from my site and extracted it, and obviously jamesgo is a virus that why my site was marked. This report does not mean Jamesgo is automatically downloaded on your computer. You really should get your facts straight before accusing people of fowl play.

AmericanDiaz, that is one of the worst arguments I have ever heard.Jamesgo is a USB (thats USB in case you missed it)virus, it spreads via (guess what)USB. It would be very difficult(if not impossible) to spread through a browser, the privileges are not high enough, and its zipped, another exploit would have to be used, which has nothing to do with jamesgo.

On top of that, you are then very offensive, with no intellectual argument whatsoever, and little (or no) knowledge on the subject at hand.

@AmericanDiaz You're the kid, hating on the video maker because you can't do this. Second of all, he has 4000+ Subscribers. Yeah. He got that much by giving people viruses. Get the fuck off youtube. Troll.

i fucking luv ur vids.

Guys this is fucking good explained :D Thanks for sharing with the hack community :) Greetings and happy new year :)

damn lol how can i make it works here

nice.........wat was the cookie cather agian ( website )

love your tutos

Yeh real great video! nice ^_^

Great Video!

from where do u get the cookie catcher?

It's vBulletin version 3.7 RC 2

very very great vid thanks guys

well i still dont know whats is that php file for anyone can help me out here?

XSS Owns :D

Thanks guys, this is very 'informative'

Los Angeles Police Department website is loooooooooose...lol

brillaint video guys.. thanks for uploadin it- really useful.

howd u login as user? i'd like to know how to do that :P

buen tutorial

how do u make the t35 site and do the cookie catcher cause cant figure out what to do??

hey anyone has a demo forum that we can try this out?

make one

What song is that please?? :)

Get to the gone, by Static X

Kick ass band.

nice tutorial!!!

neat tutorial guys

lol lapd site is vulnerable :)

Today i will try to watch it Thanks Really Great ;)

How do you make your website invulnerable to that kind of stuff?

I use the php function htmlspecialchars on all user input (GET,POST, and cookies)

lol your cookie stealer is vulnerable to XSS!

lol o well

those kind of "xss" attacks won't work anywhere. Just give it up, script kiddies

A persistent xss attack is unlikely; however, it is quite possible to find non-persistent xss flaws in a website. In this video we cover both.

5/5 great video

ok i get the ip and the url and time but i dont get any cookies

I already found a vulnerable forum to this XSS, if you want the URL then message me.

Lol having cookies. I never get used to that.

I am view 5600... :P

but great vidd

scarry like.

what song is the intro??? Anyone know? It's BADASS

Static-X "Get to the Gone" off of Machine ( 2001 )

would this be able to be done on a more popular site eg: myspace, due to more people going on it you could steal there cookies or would this be covered and disables in more "mainstream" sites?

thing is that myspace does not allow javascript so they have been smart and taken a precausion but there is another way to do it and im on my way to finishing the program to do it so message me if you are in need

superb video...thanks guyz

I can't see the whole 7th line. please, can someone tell me what it is?

and how should i upload it to my t35 site?

uh oh decatcher decapture? what program is this

oh man..that is sweet.. very helpfull thanks guys

is there any way to brows these peoples' website without them downloading effin downloaders onto your computer?

thanks, you guys rock. Please make them more often :>

Nice, i might have to try this lol

very helpful

nice job

do you think you can help me with an xss problem that i am having? reply to this and i will email you the problem