Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ Self-XSS - Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š Self-XSS - Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code


๐Ÿ’ก Newskategorie: IT Security Nachrichten
๐Ÿ”— Quelle: feedproxy.google.com


Self-XSS attack using bit.ly to grab cookies tricking users into running malicious code

How it works?
Self-XSS is a social engineering attack used to gain control of victims' web accounts by tricking users into copying and pasting malicious content into their browsers. Since Web browser vendors and web sites have taken steps to mitigate this attack by blocking pasting javascript tag, I figure out a way of doing that using Bit.ly, so we can create a redirect pointing to "website.com/javascript:malicious_code". If the user is tricked to run the javascript code after "website.com/" the cookies of its authenticated/logged session of website.com will be sent to the attacker.


Features:
Port Forwarding using Ngrok and shortner using Bitly.com (Register for free)

Requirement
https://bitly.com account (Register for free)

Legal disclaimer:
Usage of Self-XSS for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

Usage:
git clone https://github.com/thelinuxchoice/self-xss
cd self-xss
bash self-xss.sh

Author:ย https://github.com/thelinuxchoice/self-xss
Twitter:ย https://twitter.com/linux_choice


...



๐Ÿ“Œ EvilApp - Phishing Attack Using An Android App To Grab Session Cookies For Any Website (ByPass 2FA)


๐Ÿ“ˆ 34.92 Punkte

๐Ÿ“Œ EvilNet - Network Attack Wifi Attack Vlan Attack Arp Attack Mac Attack Attack Revealed Etc...


๐Ÿ“ˆ 32.08 Punkte

๐Ÿ“Œ CEO of Defunct Silicon Valley Startup Indicted For Allegedly Tricking Employees Into Working For Free


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Man accused of tricking men into involuntary porn


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Hacker steals Verizon employee database after tricking worker into granting remote access


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Fake Ransomware Attacks Are Tricking Businesses Into Paying


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Hackers can compromise your WhatsApp account by tricking you into answering a video call


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Hacking iPhone or MacBook devices by tricking into visiting a site


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Charter Must Pay $19 Million For Tricking Customers Into Switching ISPs


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Scammers are Tricking Instagram Into Banning Influencers


๐Ÿ“ˆ 30.41 Punkte

๐Ÿ“Œ Hmmcookies - Grab Cookies From Firefox, Chrome, Opera Using A Shortcut File (Bypass UAC)


๐Ÿ“ˆ 29.57 Punkte

๐Ÿ“Œ Microsoft Discovered A Phishing Campaign Tricking Users With Custom 404 Pages


๐Ÿ“ˆ 29.39 Punkte

๐Ÿ“Œ Phishers tricking users via fake LinkedIn Private Shared Document


๐Ÿ“ˆ 29.39 Punkte

๐Ÿ“Œ Hackers Distribute Vidar Malware By Tricking Users with Fake Windows 11 Downloads


๐Ÿ“ˆ 29.39 Punkte

๐Ÿ“Œ Companies are Subtly Tricking Users Online with 'Dark Patterns'


๐Ÿ“ˆ 29.39 Punkte

๐Ÿ“Œ Windows Defender Bypass Tricks OS into Running Malicious Code


๐Ÿ“ˆ 28.06 Punkte

๐Ÿ“Œ iOS Malicious Bit Hunter - A Malicious Plug-In Detection Eng ine For iOS Applications


๐Ÿ“ˆ 26.64 Punkte

๐Ÿ“Œ Stuck running Windows 10 32-bit? Here's how to switch to 64-bit version.


๐Ÿ“ˆ 26.59 Punkte

๐Ÿ“Œ How to Find if Linux is Running on 32-bit or 64-bit CPU


๐Ÿ“ˆ 26.59 Punkte

๐Ÿ“Œ Stuck running 32-bit Windows 10? Here's how to switch to a 64-bit version.


๐Ÿ“ˆ 26.59 Punkte

๐Ÿ“Œ More Yahoo users warned of malicious account access via forged cookies


๐Ÿ“ˆ 26.19 Punkte

๐Ÿ“Œ New Krampus-3PC Malware Attacks iPhone Users to Steal Cookies and Redirects to Malicious Websites


๐Ÿ“ˆ 26.19 Punkte

๐Ÿ“Œ From Monolith to Microservices at Grab (aka Go for Grab)


๐Ÿ“ˆ 24.81 Punkte

๐Ÿ“Œ Trojan Puzzle attack trains AI assistants into suggesting malicious code


๐Ÿ“ˆ 24.43 Punkte

๐Ÿ“Œ Trojan Puzzle attack trains AI assistants into suggesting malicious code


๐Ÿ“ˆ 24.43 Punkte

๐Ÿ“Œ Using a Free Online Malware Analysis Sandbox to Dig Into Malicious Code


๐Ÿ“ˆ 24.24 Punkte

๐Ÿ“Œ TrickBotโ€™s Cryptocurrency Hunger: Tricking the Bitcoin Out of Wallets


๐Ÿ“ˆ 24.13 Punkte

๐Ÿ“Œ DEF CON 26 PACKET HACKING VILLAGE - Hadar Yudovich, Panel - Tricking Hackers with OSINT


๐Ÿ“ˆ 24.13 Punkte

๐Ÿ“Œ Hackers Tricking Employees To Handover Payroll Data In Latest BEC Scam


๐Ÿ“ˆ 24.13 Punkte

๐Ÿ“Œ Security In 5: Episode 461 - Office Depot Pays 35 Million Dollar Fine For Tricking Customers


๐Ÿ“ˆ 24.13 Punkte

๐Ÿ“Œ Fake Amazon Review Scheme Tricking Customers


๐Ÿ“ˆ 24.13 Punkte

๐Ÿ“Œ Romance scammers jailed after tricking Irish OAP out of โ‚ฌ250k


๐Ÿ“ˆ 24.13 Punkte

๐Ÿ“Œ Meta Researchers Create AI That Masters Diplomacy, Tricking Human Players


๐Ÿ“ˆ 24.13 Punkte











matomo