Sergio Proxy v0.2 Released

Written by admin in Code on Sun 10 July 2011. Tags: http, mitm, sergio proxy, twisted,

Updates in this Release

So after a ridiculously long period of procrastination, I finally got around to updating Sergio Proxy to make it remotely usable. I was never very happy with how the initial code turned out, but given that it was hacked out in a couple days just to ...

Continue reading »

Google Analytics XSS Vulnerability

Written by admin in Google, Vulnerabilities on Thu 03 February 2011. Tags: google analytics, google reward program, vulnerability, xss,

This post documents an XSS vulnerability I discovered in the event tracking functionality provided by Google Analytics. Given a website's Google account number (which can be found in the site source), one could spoof specially crafted events that, when clicked in the administrative interface, would run arbitrary Javascript in ...

Continue reading »

Copyright Ben Schmidt 2015