undefined | Better HN

0 pointstocomment12y ago0 comments

What I'm not getting is how a running executable can log into a website and initiate a transaction. It won't have your password right? Or is it just a keylogger to catch your password?

0 comments

dariopy12y ago

Like your regular XSRF, it relies on the user already being logged in some browser tab.

It probabley has a keylogger too.

j / k navigate · click thread line to collapse

0 pointstocomment12y ago0 comments

What I'm not getting is how a running executable can log into a website and initiate a transaction. It won't have your password right? Or is it just a keylogger to catch your password?

0 comments

dariopy12y ago

Like your regular XSRF, it relies on the user already being logged in some browser tab.

It probabley has a keylogger too.

j / k navigate · click thread line to collapse