Encapsulating CSRF attacks inside massively distributed Flash movies - Real world example

Update: Added a sterilized demo and the source code. CSRF (Cross Site Request Forgery) is considered one of the most widely spread exploits in websites today. I’ve written before about how a legitimate Flash file (swf) can be extremely viral. Few days ago I did a real attack, exploiting »

A nice SilverLight showoff by Microsoft

Microsoft recently released the SilverLight version of their Download Center. Its a nice demonstration of the SilverLight technology. But, looking under the hood reveals the huge amount of Javascript used to run this website. I can’t see the benefit this has over DHTML if all the logic is anyway »