Some time ago I was in the need for a way in javascript to send a POST data to a file and load it’s contents in iframe format, the contents were in the form of application/PDF and the PDF would vary from what I would send in my POST values. Non-challenging as it sounds it still took me some time to figure out – not a problem should be solved…
More+I found a self-XSS in the wordpress core the other day, when you manage to succesfully exploit this vulnerability only imagination can stop you from owning the wordpress installation.
More+Hi there folks, we are happy to tell you that Fredrik, Mathias and me; Jelmer are all in the Google security Hall of Fame for our findings.
The latest unpublished XSS for which I got in the Hall of Fame is still unpatched.
More+Yesterday the Facebook chief security officer Joe Sullivan announced at Hack in the Box (Amsterdam) that Facebook will reward hackers for reporting security vulnerabilities.
More+A friend of mine posted an English spam message on my wall.
Not only for the reason that he is dutch this would be fishy, he posted this message on all his friends walls at the same moment.
I was interested in the reasons why somebody would create such worm so I started to poke around and see what I could find.