This is the most proud of a blog post I’ve ever been :)

@d0nutptr Ahhh there it is. Nice work, man! Genius attack :)

@Rhynorater I figured I teased you long enough :p

@d0nutptr very well written! 🔥

@michielprins Thank you!!!

@d0nutptr @NahamSec Is stealing csrf token considered as harmful?

@yappare @NahamSec Yup!

@d0nutptr CSS Sequential Import Chaining might work better for the article title.. definitely a nice technique though

@PerseidRocks True... but i wrote an article called “exfiltration via css injection” previously so i kinda wanted to play off that title :p

@d0nutptr cool work! :)

@cgvwzq You too! XD

@d0nutptr Really great work! In case outbound ports are filtered for the victim, I'm assuming you could use 2 different hostnames ( and ) instead of different ports to get around the browser connection limit you mentioned. Right?

@nbk_2000 Yup! That should be sufficient :) the tool supports that already too!

@d0nutptr Awesome write-up and technique 🙌

@d0nutptr that's a nice one dude:)

@d0nutptr INCYMI @vivekchsm

@d0nutptr Sick!! 🔥🔥🔥

@d0nutptr D0nut the css wizard. Love the writeup, great work as always

@d0nutptr Dope!

@d0nutptr Amazing work! and made in Rust! <3