4DgiftsJul 2, 2024

So i wrote this on the other site (the short messages wannabe porn site) and predictably got just a single response.
Perhaps here I would fare better?

Reading the Qualys writeup about the OpenSSH race condition RCE it occurred to me that there should be a book titled "Beautiful Exploits" in which a handful of beautiful exploits are explained and their philosophical and historical implications are discussed.

Which ones you'd pick?

Show threadprozacchiwawa

@4Dgifts not as glamorous as the deepest ones but working around xss defense by building javascript out of punctuation brings me joy.

https://hackaday.com/2012/08/13/writing-javascript-without-using-any-letters-or-numbers/

the 'windows metafile files just call any old gdi escape' one is among my all time favorites:

https://en.wikipedia.org/wiki/Windows_Metafile_vulnerability

Writing Javascript Without Using Any Letters Or Numbers

Did you know it’s possible to write Javascript code without using any letters or numbers at all? Well, it’s not just Javascript, but that’s the language used in this demonstration…

Hackaday
Jul 2, 2024 at 4:11amWeb