CSS Keylogger - old is new again
This is "well known" research that resurfaces every other year. Let me tell you a story how I have heard about this in 2012 and putting it into perspective.
Research "Scriptless Attacks –
Stealing the Pie Without Touching the Sill" (2012):
+ Paper: https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf
+ Slides: https://www.slideshare.net/x00mario/stealing-the-pie
+ Talk recording: https://channel9.msdn.com/Events/Blue-Hat-Security-Briefings/BlueHat-Security-Briefings-Fall-2012-Sessions/BH1203
CSS Keylogger: https://github.com/maxchehab/CSS-Keylogging
Stealing Data With CSS - Attack and Defense: https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense
Twitter:
+ https://twitter.com/0x6D6172696F
+ https://twitter.com/sirdarckcat
+ https://twitter.com/garethheyes
+ https://twitter.com/thornmaker
+ https://twitter.com/mlgualtieri
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#SecurityResearch
Видео CSS Keylogger - old is new again канала LiveOverflow
Research "Scriptless Attacks –
Stealing the Pie Without Touching the Sill" (2012):
+ Paper: https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf
+ Slides: https://www.slideshare.net/x00mario/stealing-the-pie
+ Talk recording: https://channel9.msdn.com/Events/Blue-Hat-Security-Briefings/BlueHat-Security-Briefings-Fall-2012-Sessions/BH1203
CSS Keylogger: https://github.com/maxchehab/CSS-Keylogging
Stealing Data With CSS - Attack and Defense: https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense
Twitter:
+ https://twitter.com/0x6D6172696F
+ https://twitter.com/sirdarckcat
+ https://twitter.com/garethheyes
+ https://twitter.com/thornmaker
+ https://twitter.com/mlgualtieri
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
-=[ 📄 P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#SecurityResearch
Видео CSS Keylogger - old is new again канала LiveOverflow
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128
Analysing a Firefox Malware browserassist.dll - FLARE-On 2018
What is PHP and why is XSS so common there? - web 0x02
What do Nintendo Switch and iOS 9.3 have in common? CVE-2016-4657 walk-through
Minetest Circuit Challenge - Google CTF 2019 Qualifier
Reverse Engineering Obfuscated JavaScript
Critical .zip vulnerabilities? - Zip Slip and ZipperDown
The Curse of Cross-Origin Stylesheets - Web Security Research
Student Finds Hidden Devices in the College Library - Are they nefarious?
Uncrackable Programs? Key validation with Algorithm and creating a Keygen - Part 1/2 - bin 0x07
Solving a JavaScript crackme: JS SAFE 2.0 (web) - Google CTF 2018
DEF CON CTF 2018 Finals
MMORPG Bot Reverse Engineering and Tracking
Some thoughts on Mobile App Security - is it FUD?
Why MissingNo Multiplies Items!
Custom Chromium Build to Reverse Engineer Pop-Under Trick
XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctf
Does Hacking Require Programming Skills?
Let’s play a game: what is the deadly bug here?