Web application exploit documents

Here does not explain general web attack method.
It's attack technique accorded to web application development environment of Republic of Korea.

Web 2.0 CSRF exploitation (web-board case study) [PDF] (Korean)

- Bypassing Security Token based Anti-CSRF & Zeroboard XE -1day Remote exploit.
(ISEC2008 Conference paper - 2008.09.01.)

GET, POST method iframe exploit [PDF] (Korean)

- This is technique that often used 3 years ago, since document, it was 1 year. (from 2002)
P.S: Present zeroboard latest version (4.1 pl7) attack is possible. (also, Outblzae mail is same)
Did not try test, but other program is possible attack similarly.
It was written in Korean language in 2004.

P.S: My insufficient English ability is very regrettable.
Therefore, is going to make out lecture hereafter.

By "dong-houn yoU" (Xpl017Elz), in INetCop(c).
MSN & E-mail: szoahc(at)hotmail(dot)com
Home: http://x82.inetcop.org

GnuPG Public Key