[WEB SECURITY] Ajax Sniffer - Proof of concept

[Anurag Agarwal <anurag.agarwal@xxxxxxxxx>]

--0-1695261115-1169028753=:51179
Content-Type: text/plain; charset=ascii
Content-Transfer-Encoding: quoted-printable

Cross Domain Ajax Sniffer - Proof of concept. Overriding the original XMLHt=
tpRequest to incorporate our sniffing function. =0A=0Ahttp://myappsecurity.=
blogspot.com/2007/01/ajax-sniffer-prrof-of-concept.html=0A=0A =0ACheers,=0A=
 =0AAnurag Agarwal=0A =0ASEEC - An application security search engine=0AWeb=
: www.attacklabs.com , www.myappsecurity.com=0AEmail : anurag.agarwal@yahoo=
.com=0ABlog : http://myappsecurity.blogspot.com
--0-1695261115-1169028753=:51179
Content-Type: text/html; charset=ascii
Content-Transfer-Encoding: quoted-printable

<html><head><style type=3D"text/css"><!-- DIV {margin:0px;} --></style></he=
ad><body><div style=3D"font-family:arial, helvetica, sans-serif;font-size:1=
0pt"><DIV></DIV>=0A<DIV>Cross Domain Ajax Sniffer - Proof of concept. Overr=
iding the original XMLHttpRequest to incorporate our sniffing function. </D=
IV>=0A<DIV>&nbsp;</DIV>=0A<DIV><A href=3D"http://myappsecurity.blogspot.com=
/2007/01/ajax-sniffer-prrof-of-concept.html">http://myappsecurity.blogspot.=
com/2007/01/ajax-sniffer-prrof-of-concept.html</A><BR></DIV>=0A<DIV>&nbsp;<=
/DIV>=0A<P>Cheers,</P>=0A<P>&nbsp;</P>=0A<P>Anurag Agarwal</P>=0A<P>&nbsp;<=
/P>=0A<P><A href=3D"http://www.myappsecurity.com/";>SEEC - An application se=
curity search engine</A></P>=0A<P>Web:&nbsp;<A href=3D"http://www.attacklab=
s.com/">www.attacklabs.com</A>&nbsp;, <A href=3D"http://www.myappsecurity.c=
om/">www.myappsecurity.com</A></P>=0A<P>Email : <A href=3D"mailto:anurag.ag=
arwal@yahoo.com">anurag.agarwal@yahoo.com</A></P>=0A<P>Blog : <A href=3D"ht=
tp://myappsecurity.blogspot.com/">http://myappsecurity.blogspot.com</A></P>=
=0A<P>&nbsp;</P>=0A<DIV></DIV></div></body></html>
--0-1695261115-1169028753=:51179--