About 22 results found. (Query 0.13800 seconds)
A tough job, on which even Tor fails partly. echelon Link Post   Topic   (x) Home » Forum Topics » I2P Help, Hints, Advice » Complaints and Questions ... » Browser plugin against the mixed proxy XSS vulnerability? Anyone? Powered by I2P
(87) • 171 (98) • Doxxing (30) • Black market (56) Recent posts tagged xss 1 upvote 0 downvotes 1 answer XSS Hacker Forum Administrator Arrested in Ukraine Posted 23 Jul, 2025 in News By UWw8YrHWAZ Mulher de Preso (1.7K points) xss forum preso europol To see more, check the full list of posts or the popular tags.
Nitter Jayesh Madnani @Jayesh25 27 Sep 2024 "If you're consistently finding bugs but not earning much, it's not a question of skill—you're just not targeting the right programs." It’s eye-opening that your $250 XSS could be worth $10-30k elsewhere. While you're probably making $2,500 from 10 XSS reports, someone else is earning over $100k for the same amount of reports.
Object clone , equals , finalize , getClass , hashCode , notify , notifyAll , toString , wait , wait , wait Constructor Details StatHelper public   StatHelper () Method Details setPeer public   void   setPeer ( String  peer) Caller should strip HTML (XSS) getProfile public   String   getProfile () Look up based on a b64 prefix or full b64. Prefix is inefficient.
It's ironic to even talk about XSS because that's not the intended use case for Tor; it's meant for paranoid retards who go on to do a one time thing and then never anything again.
Details Language: BASH Snippet cat f.txt | cut -d ' ' -f1-18 | grep -P '[0-9,a-f][0-9,a-f] ' | xxd -r -ps Usage Example cat f.txt | cut -d ' ' -f1-18 | grep -P '[0-9,a-f][0-9,a-f] ' | xxd -r -ps HTTP/1.0 200 OK Server: gunicorn/19.9.0 Date: Thu, 10 Oct 2019 09:01:12 GMT Connection: close Content-Type: text/html; charset=utf-8 X-Frame-Options: DENY Content-Length: 2 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block ok ascii bash capture convert hex pcap translate Previous...
Eligibility In general, anything which has the potential for financial loss or data breach is of sufficient severity to be eligible, including: • XSS • CSRF • Authentication bypass or privilege escalation • Clickjacking • Remote code execution • Obtaining user information • Accounting errors In general, the following would not meet the threshold for severity: • Lack of password length restrictions • Session-related issues (session fixation etc.) • Merely showing that a page can be iFramed...
Secondly, all scripts require that a specific constant be defined; otherwise they exit immediately, before anything which may result in an error occurs. Cross Site Scripting (XSS) PHPCredLocker never uses the content of either POST data or the request URI to populate content. This helps prevent XSS attacks, as it prevents malicious tags from being embedded into the request.
If all peers can be served by a single tracker (with a couple of backups), and you get the same peers from each of them anyway, some I2P bandwidth can be saved globally. by volans (member) 4 months ago [reply] (lol lilly looks like i found a bug; i had used angular brackets to put something like this [shameless self plug] [/shameless self plug]) by lilly (administrator) 4 months ago [reply] now your original message shows up too, it turned out to have to do with me accidentally just not preventing...
Deanonymizing users is prohibited. forums in i2p dedicated to social engineering, pe Anon 2025/09/02(Tue)22:18:46 R No. 23 hi everyone, does anyone happen to have links to forums about social engineering, pentesting, fraud. like the fallen xss. Delete post   - Sriracha -
Note on how NGiNX works with HTTP headers Let’s say that in the http block you specified common headers like X-Frame-Options , X-XSS-Protection , and so on for all server directives to use. But if you add some other header for a specific server or location block, then all those headers would be dropped.
It only flags UNION if it’s actually used as a SQL set operator, not when it appears in a normal sentence. Far fewer false positives. For XSS, path traversal, and LFI, Aho-Corasick runs all patterns in a single pass. O(N) regardless of how many rules you have. Each match has a score.
Object clone , equals , finalize , getClass , hashCode , notify , notifyAll , toString , wait , wait , wait Field Details _context protected RouterContext _context _log protected Log _log _settings protected Map _settings Not for multipart/form-data, will be null _requestWrapper protected RequestWrapper _requestWrapper Only for multipart/form-data. Warning, parameters are NOT XSS filtered _action protected String _action _method protected String _method _out protected Writer _out...
Any markup is usually filtered by the client application, among other things to prevent XSS and requests to external resources. JSON wrappers and other software layers that make the source database harder to read are also not used.
RELEASE DETAILS Changes Router: Restructure netDb to isolate data received as a client from data received as a router Router: Implement handling and penalties for congestion caps Router: Temp. ban routers publishing in the future NetDB: Lookup handler/throttler fixes i2psnark: Uncomment and fix local torrent file picker Bug Fixes i2ptunnel: Exempt tunnel name from XSS filter (Gitlab #467) i2ptunnel: Fix gzip footer check in GunzipOutputStream (Gitlab #458) SAM: Fix accept after soft...
Other than these things, the new ratelimit bypass didn’t really get used, since there didn’t end up being a need for more counter-botting. The Internet Roadtrip XSS It’s not actually as bad as it sounds. I was looking at the network requests in Firefox DevTools while debugging an unrelated issue, when I saw a request for a Discord emoji.