The Three JavaScript Hacking Legends

In this video we talk about the first JavaScript vulnerabilities in 1997, and how the field was dominated by three "XSS" legends.

Bugtraq 1997 - LoVerso: https://seclists.org/bugtraq/1997/Jun/88
LoVerso Website: https://web.archive.org/web/19970607122219/http://www.osf.org/~loverso/javascript/
LoVerso dir.html PoC: https://web.archive.org/web/19970607185809/http://www.osf.org/~loverso/javascript/dir.html
Tasty Bits from the Technology Front: https://web.archive.org/web/19970803213858/http://www.tbtf.com/archive/02-27-96.html
TBTF about Netscae 2.0b3: https://web.archive.org/web/19970803220511/http://www.tbtf.com/archive/12-02-95.html
Scott Weston on TBTF: https://web.archive.org/web/19970803220702/http://www.tbtf.com/resource/b2-privacy-bug.html
Bugtraq about Bug Bounty 1995: https://seclists.org/bugtraq/1995/Oct/12

Episode 01: https://www.youtube.com/watch?v=bSJm8-zJTzQ
Episode 03: https://www.youtube.com/watch?v=gVblb-QhZa4

Episode 02:
00:00 - Intro
00:45 - First JavaScript Vulnerability
02:00 - John Robert LoVerso
03:19 - First Directory Browse Vulnerability
04:16 - Comparison to My Exploit
05:13 - John Tennyson
05:44 - Tasty Bits from the Technology
06:16 - Netscape's Bug Bounty
06:48 - Scott Weston history stealing
08:12 - The Three Legends of JavaScript Security
08:59 - The Year 1996
09:31 - JavaScript can't claim to be secure
10:25 - ECMAScript: JavaScript Specification
11:13 - Next Episode Teaser

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

Видео The Three JavaScript Hacking Legends канала LiveOverflow