Tuesday, 31 March 2015

Abusing Windows Opener To Bypass Certain Restriction ( CSRF Bypass )



Hello all =D , Hope you are doing well

Today we will see that how we can Abuse Windows Opener function to bypass certain restriction in web application.

So first lets see what is Windows Opener Function

According To Mozilla Developer Guide 

When a window is opened from another window, it maintains a reference to that first window aswindow.opener. If the current window has no opener, this method returns NULL.  Windows Phone browser does not support window.opener.  It is also not supported in IE if the opener is in a different security zone.

===================================================================

Featured post

cPanel WebDisk Android App 4.0 : Backup Vulnerability

cPanel WebDisk Android App 4.0 : Backup Vulnerability Hello folks, This vulnerability is regarding an Insecure Data Storage ...

Popular Posts