CSS Keylogger - old is new again
This is "well known" research that resurfaces every other year. Let me tell you a story how I have heard about this in 2012 and putting it into perspective.
Research "Scriptless Attacks –
Stealing the Pie Without Touching the Sill" (2012):
+ Paper: https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf
+ Slides: https://www.slideshare.net/x00mario/stealing-the-pie
+ Talk recording: https://channel9.msdn.com/Events/Blue-Hat-Security-Briefings/BlueHat-Security-Briefings-Fall-2012-Sessions/BH1203
CSS Keylogger: https://github.com/maxchehab/CSS-Keylogging
Stealing Data With CSS - Attack and Defense: https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense
Twitter:
+ https://twitter.com/0x6D6172696F
+ https://twitter.com/sirdarckcat
+ https://twitter.com/garethheyes
+ https://twitter.com/thornmaker
+ https://twitter.com/mlgualtieri
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#SecurityResearch
Видео CSS Keylogger - old is new again канала LiveOverflow
Research "Scriptless Attacks –
Stealing the Pie Without Touching the Sill" (2012):
+ Paper: https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf
+ Slides: https://www.slideshare.net/x00mario/stealing-the-pie
+ Talk recording: https://channel9.msdn.com/Events/Blue-Hat-Security-Briefings/BlueHat-Security-Briefings-Fall-2012-Sessions/BH1203
CSS Keylogger: https://github.com/maxchehab/CSS-Keylogging
Stealing Data With CSS - Attack and Defense: https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense
Twitter:
+ https://twitter.com/0x6D6172696F
+ https://twitter.com/sirdarckcat
+ https://twitter.com/garethheyes
+ https://twitter.com/thornmaker
+ https://twitter.com/mlgualtieri
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#SecurityResearch
Видео CSS Keylogger - old is new again канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128](https://i.ytimg.com/vi/0uejy9aCNbI/default.jpg)
![Analysing a Firefox Malware browserassist.dll - FLARE-On 2018](https://i.ytimg.com/vi/5cvpGSSUZI0/default.jpg)
![What is PHP and why is XSS so common there? - web 0x02](https://i.ytimg.com/vi/Q2mGcbkX550/default.jpg)
![What do Nintendo Switch and iOS 9.3 have in common? CVE-2016-4657 walk-through](https://i.ytimg.com/vi/xkdPjbaLngE/default.jpg)
![Minetest Circuit Challenge - Google CTF 2019 Qualifier](https://i.ytimg.com/vi/nI8Q1bqT8QU/default.jpg)
![Reverse Engineering Obfuscated JavaScript](https://i.ytimg.com/vi/8UqHCrGdxOM/default.jpg)
![Critical .zip vulnerabilities? - Zip Slip and ZipperDown](https://i.ytimg.com/vi/Ry_yb5Oipq0/default.jpg)
![](https://i.ytimg.com/vi/2XysSJY6Wh0/default.jpg)
![The Curse of Cross-Origin Stylesheets - Web Security Research](https://i.ytimg.com/vi/bMPAXsgWNAc/default.jpg)
![Student Finds Hidden Devices in the College Library - Are they nefarious?](https://i.ytimg.com/vi/UeAKTjx_eKA/default.jpg)
![Uncrackable Programs? Key validation with Algorithm and creating a Keygen - Part 1/2 - bin 0x07](https://i.ytimg.com/vi/qS4VWL5R_OM/default.jpg)
![Solving a JavaScript crackme: JS SAFE 2.0 (web) - Google CTF 2018](https://i.ytimg.com/vi/8yWUaqEcXr4/default.jpg)
![DEF CON CTF 2018 Finals](https://i.ytimg.com/vi/RXgp4cDbiq4/default.jpg)
![MMORPG Bot Reverse Engineering and Tracking](https://i.ytimg.com/vi/irhcfHBkfe0/default.jpg)
![Some thoughts on Mobile App Security - is it FUD?](https://i.ytimg.com/vi/PNuAzR_ZCbo/default.jpg)
![Why MissingNo Multiplies Items!](https://i.ytimg.com/vi/bxzrtU7VtPU/default.jpg)
![Custom Chromium Build to Reverse Engineer Pop-Under Trick](https://i.ytimg.com/vi/y6Uzinz3DRU/default.jpg)
![XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctf](https://i.ytimg.com/vi/HcrQy0C-hEA/default.jpg)
![Does Hacking Require Programming Skills?](https://i.ytimg.com/vi/wv2YhT89LDU/default.jpg)
![Let’s play a game: what is the deadly bug here?](https://i.ytimg.com/vi/MpeaSNERwQA/default.jpg)