Cody Swann has a modified version of the exploit using prototype that works in IE and has support for AJAX requests: <html> <head> <script type="text/javascript" src="http://script.aculo.us/prototype.js"></script> </head> <body> Have you been to...

Update: Cody Swan has a version that works in IE and supports AJAX to log the urls somewhere. Info here . Jeremiah Grossman has demonstrated an interesting way to sniff out browser history via CSS hacks. IE7 RC1 is smart enough to block the site, but FireFox lists my history without any complaints. Spooky...

A simple way to compromise security of computers everywhere. How nice. AttackAPI (0.6) August 31st, 2006 AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several...

A simple way to compromise security of computers everywhere. How nice. AttackAPI (0.6) August 31st, 2006 AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several...

Cody Swann has a modified version of the exploit using prototype that works in IE and has support for AJAX requests: <html> <head> <script type="text/javascript" src="http://script.aculo.us/prototype.js"></script> </head> <body> Have you been to...

Update: Cody Swan has a version that works in IE and supports AJAX to log the urls somewhere. Info here . Jeremiah Grossman has demonstrated an interesting way to sniff out browser history via CSS hacks. IE7 RC1 is smart enough to block the site, but FireFox lists my history without any complaints. Spooky...