Previous Bypass is now fixed in version 1.4.7 - XSS with AngularJS 0x2

Subscribers: 921,000
Video Link: https://www.youtube.com/watch?v=6pGEVDderN4



Duration: 6:03
8,529 views


Testing the old bypass from version 1.0.8 on a new version 1.4.7 where it's fixed, to prepare for a different bypass.

Mario Heiderich @0x6d6172696f (https://cure53.de/)
Gareth Heyes @garethheyes
XSS without HTML: Client-Side Template Injection with AngularJS
http://blog.portswigger.net/2016/01/x...
An Abusive Relationship with AngularJS
https://vimeo.com/165951806


#WebSecurity




Other Videos By LiveOverflow


2016-10-21 Explaining Dirty COW local root exploit - CVE-2016-5195
2016-10-18 Channel is growing and Riscure hardware CTF starting soon - loopback 0x01
2016-10-14 Sandbox bypass for the latest AngularJS version 1.5.8 - XSS with AngularJS 0x4
2016-10-11 Live Hacking - Internetwache CTF 2016 - exp50, exp70, exp80
2016-10-06 Scripting radare2 with python for dynamic analysis - TUMCTF 2016 Zwiebel part 2
2016-10-04 Reverse Engineering with Binary Ninja and gdb a key checking algorithm - TUMCTF 2016 Zwiebel part 1
2016-09-30 The Heap: How to exploit a Heap Overflow - bin 0x15
2016-09-27 The Heap: what does malloc() do? - bin 0x14
2016-09-23 CSRF Introduction and what is the Same-Origin Policy? - web 0x04
2016-09-19 New Sandbox Bypass in 1.4.7 - XSS with AngularJS 0x3
2016-09-16 Previous Bypass is now fixed in version 1.4.7 - XSS with AngularJS 0x2
2016-09-13 XSS Contexts and some Chrome XSS Auditor tricks - web 0x03
2016-09-09 Capturing & Analyzing Packets with Saleae Logic Pro 8 - Reverse Engineering A/C Remote part 2
2016-09-06 Sandbox Bypass in Version 1.0.8 - XSS with AngularJS 0x1
2016-09-02 Introducing the AngularJS Javascript Framework - XSS with AngularJS 0x00
2016-08-30 What is PHP and why is XSS so common there? - web 0x02
2016-08-26 Building Poor Man's Logic Analyzer with an Arduino - Reverse Engineering A/C Remote part 1
2016-08-23 The HTTP Protocol: GET /test.html - web 0x01
2016-08-19 HTML + CSS + JavaScript introduction - web 0x00
2016-08-16 Format String Exploit and overwrite the Global Offset Table - bin 0x13
2016-08-12 NEW VIDEOS ARE COMING - loopback 0x00



Tags:
live hacking
live ctf
let's hack
angularjs
gareth heyes
1.4.7
charAt
prototype
constructor.prototype
debug javascript
how to hack
hacking tutorial
reverse engineering
information security
ethical hacking
infosec
angularjs xss
sandbox bypass