Brad Fitzpatrick (bradfitz) wrote in lj_dev,
Brad Fitzpatrick
bradfitz
lj_dev

An easier way to find CSS exploits

Another way to get permanent accounts, if nobody has beaten you to the exploit:

http://www.test.dev.livejournal.org/misc/csstest.bml

Find some CSS which does an alert box (or any JavaScript, but alerts are very in-your-face), then email me with at least subject "XSS-LJ whatever", the browser, and the CSS you put in the box.

Happy Hacking.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 15 comments