Few mistakes i noticed still, but i cleared them up...again

9/10

Only one grammatical error (using \"an\" before \"CSRF\"), but other than that, it reminded me of an attack I had forgotten about.

9/10

MOD EDIT: Cheers, fixed.

Great article, nice crystallization

Decent article, but a few points regarding the preface.

It\'s your first article, good for you, are we supposed to care? People always think that we should excuse errors because it\'s their first article. Last time I checked, your knowledge pertaining to the subject wasn\'t affected by your article writing experience. Don\'t get me wrong, it\'s always good to see new people getting involved, especially when they\'re submitting an article that isn\'t identical to three others submitted in the ten days prior. It\'s simply not something that should be brought up; after all, you don\'t walk in to your first corporate board meeting and tell everybody that it\'s a new experience for you.

Mentioning your age. This is one of the less personal reasons that I don\'t spend much time reading the forums anymore. Time and time again we would see people asking if they were too young to start \"hacking\". And yes, in a lot of cases, people were too young, but not because they were legally 13, 16, 18, or <insert number here>. They were too young mentally. If they came to the forums saying that they were 17 and wanted to hack their friend\'s Myspace account, it usually portrayed the maturity of a 10-year-old. In the same sense, I\'ve seen kids who haven\'t hit puberty manage to do great, because they were mature enough to understand what the purpose of this community really was. I guess what I\'m trying to get at is that you\'re 16. Okay...

<Double Post due to message length limit>

That has nothing to do with the extent of your knowledge on CSRF attacks, because it doesn\'t limit how much dedication you\'re willing to put in to educating yourself, which is one of the fundamental principles of hacking. Your profile is proof enough that you are mature enough to be here, age isn\'t an excuse.

My final point of criticism ties in with the above. Pointing out the possibility of false information. If you aren\'t confident that you know what you\'re talking about, you shouldn\'t be submitting that information in the article until you do further research to either confirm or deny what you thought you knew.

Keep in mind, I\'m not trying to be rude with my criticism. It is just a few points that you should consider when you post your next article. All that said, I want to point out that I\'m giving this article a good rating, which I haven\'t given to many recent articles.

\"It\'s your first article, good for you, are we supposed to care? People always think that we should excuse errors because it\'s their first article.\"

Well considering every time someone submits an article for the first time, they are proud of it and just want to show it. It\'s not for a fact saying \'don\'t mind my errors\'. I sure care that it\'s his first article, that won\'t change my vote - nor anyone elses.

this brings back memories... lol

nos_slived do you feel better now,were you attempting to break his confidence,as I can see no help too your post or purpose other then to put this guy down what was the point of it?

W00t! JS.Spacehero. Samy is my hero!

Hey guys, I have a joke. There once was a guy who had been in the community for more than two years. Then more than a year later, two more guys joined the community, and are now approaching the eight month mark of their membership. The first member has spent two years reading much of the same shit repeated times, with slightly different wording each time. Then along comes a fourth guy to join the community. He is wise, and shares his knowledge in the form of an article, making few mistakes, save for the classic preface that makes it like other articles, most of which are far from the quality of his. After recognizing this, the first guy points out the mistakes to the article creator, in hopes that he will acknowledge the points brought up, and decide to omit this preface upon creation of his next article. Many community members, older community members, who have seen this in the past will recognize that this new member has enough confidence to post an article without making excuses for errors, and rather fixing any errors that may exist prior to submission.

Meanwhile, the second and third members to join the community fail to see the difference made in the quality of an article when this preface is omitted. Despite the fact that the first member stated that his vote will be swayed, and that he was not trying to break the confidence of the fourth member, the second and third members still manage to look right through it and turn on the first member.

Now wasn\'t that a knee-slapper!

Ok ok man I hear you I just felt bad for the guy,but I\'ll give you your credit due on a very valid point.It is old and also yes I have seen this rewritten like 5 times.

riiiiiiiiiiiiight. well this is my first article i have seen on this site, so its new to me =D

yer i been going on and off since about 12 but really started getting commited quite recently =]]
Pyr0

Really cool article.I`m new here but it seems cool to me. Good luck in learning. I`m only 15 my self, and i would really like to learn it.

I want to learn too but i only got level 5 basic mission would someone pm me and give me tips...pls.!

Since this has become a place for telling your age, I am 15 myself too! I liked the article, but I think this kind of attak is lame! Still, I give you a 10 for the article!
as for sikki\'s comment \"i am 14 years old and i want to learn me how to hack.. Can you give me some tips like what for programm i should download, Linux or windows. send me a message plz\", YOU ARE NOT A HACKER IF YOU USE LINUX, YOU ARE NOT A HACKER IF YOU DOWNLOAD SOME PROGRAMS! GO READ, LEARN ABOUT HACKING, DO THE CHALLENGES, ETC! IF I USE LINUX, I DO NOT USE BECAUSE I THINK AM A HACKER! I USE IT BECAUSE IT SUITS MY NEEDS FOR COMPUTING!

fuckaverageusers, cap locks is not cruise control for cool on HTS. It make you look like a 12 years old. However, I do agree with your point.

Nos, you\'re an amazing writer...

I like it quite a lot pretty simple though you didn't mention that you can change the obscure the URL to the IP of the site if it shows what the site's name is (I don't think anyone would go to: http://www.bank.com/moneytransfer.jsp?command=transfer&destinationuser=Attac ker&src=mysavings&amount=10000) Also just an idea if you set up a 3 way redirection as in tell some one to go to safesite.com but actually you've hacked or own the site then place a redirection to the site with the malacious URL. Also if it was a guestbook or something of the like that was vulnerable to XSS you could type <script>document.location='badsite.com'</script> Then quickly press esc and everyone should theoretically be redirected. Just a thought other than that 8/10
<script>alert('XSS ;D')</script>

"></table></tr></td></p></form><script& gt;alert('XSS Test')</script>

"></table></tr></td></p></form><script& gt;alert('XSS Test')</script>

Thanks for Sharing!!! 10/10!