Comments on: Replace What?! http://hackademix.net/2008/06/21/replace-what/ Giorgio Maone's answers to the Web, the Universe, and Everything Wed, 19 Nov 2008 01:00:18 +0000 http://wordpress.org/?v=2.2.3 By: Aerik http://hackademix.net/2008/06/21/replace-what/#comment-8347 Aerik Sun, 22 Jun 2008 18:13:56 +0000 http://hackademix.net/2008/06/21/replace-what/#comment-8347 <blockquote cite="idiot">Update: My mistake in reading the minutes, we aren't removing NoScript, we're disabling NoScript script/plugin blocking for VPN users, in addition to playing with adding SSP. </blockquote>

Update: My mistake in reading the minutes, we aren’t removing NoScript, we’re disabling NoScript script/plugin blocking for VPN users, in addition to playing with adding SSP.

]]> By: Giorgio http://hackademix.net/2008/06/21/replace-what/#comment-8331 Giorgio Sat, 21 Jun 2008 16:47:59 +0000 http://hackademix.net/2008/06/21/replace-what/#comment-8331 <blockquote> is now corrected to SSP (site security policy)</blockquote> ... making his statements even more problematic :)

is now corrected to SSP (site security policy)

… making his statements even more problematic :)

]]> By: Ben http://hackademix.net/2008/06/21/replace-what/#comment-8330 Ben Sat, 21 Jun 2008 16:33:53 +0000 http://hackademix.net/2008/06/21/replace-what/#comment-8330 The site in it's comments is now corrected to SSP (site security policy). The site in it’s comments is now corrected to SSP (site security policy).

]]> By: Giorgio http://hackademix.net/2008/06/21/replace-what/#comment-8328 Giorgio Sat, 21 Jun 2008 14:22:44 +0000 http://hackademix.net/2008/06/21/replace-what/#comment-8328 @<b>.mario</b>: ROTFL, <strong>Cross Medium Scripting®</strong> FTW! @.mario:
ROTFL, Cross Medium Scripting® FTW!

]]> By: .mario http://hackademix.net/2008/06/21/replace-what/#comment-8327 .mario Sat, 21 Jun 2008 14:13:53 +0000 http://hackademix.net/2008/06/21/replace-what/#comment-8327 I think it means Standard Parallel Port - as to be seen here: http://de.wikipedia.org/wiki/Standard_Parallel_Port. Try to execute on a website that has been printed out - quite a quest. I think it means Standard Parallel Port - as to be seen here: http://de.wikipedia.org/wiki/Standard_Parallel_Port. Try to execute on a website that has been printed out - quite a quest.

]]> By: Giorgio http://hackademix.net/2008/06/21/replace-what/#comment-8326 Giorgio Sat, 21 Jun 2008 13:21:47 +0000 http://hackademix.net/2008/06/21/replace-what/#comment-8326 @<b>sirdarckcat</b>: I could not sniff any X-SSP header on their site (maybe they're in some restricted area only?) Anyway, <a href="https://activate.xerobank.com/auth/login?username=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Cspan" target="_blank" rel="nofollow external" rel="nofollow">they definitely need something here</a>. @sirdarckcat:
I could not sniff any X-SSP header on their site (maybe they’re in some restricted area only?)
Anyway, they definitely need something here.

]]> By: sirdarckcat http://hackademix.net/2008/06/21/replace-what/#comment-8325 sirdarckcat Sat, 21 Jun 2008 12:48:41 +0000 http://hackademix.net/2008/06/21/replace-what/#comment-8325 I think he is saying that the users of xerobank dont need NoScript because XeroBank's website has their own anti-xss measures. I think he is saying that the users of xerobank dont need NoScript because XeroBank’s website has their own anti-xss measures.

]]>