New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I'd love for someone to give me a site where I can get injected w/o user authentication.
I call bs, unless the end-user is a tard.
(On Latest Chrome atm)
Hopefully it's secure QQ..
Edit: Wheres the sauce for this?
http://arstechnica.com/security/2012/12/apache-plugin-turns-legit-sites-into-bank-attack-platforms
In order to be impacted you need to install the malicious code on your webserver. Unless a system admin intentionally does this, they would need root access to the server in which case, a exploitable module is moot.