Jerryrat's blog

xss game clearance notes | 4-6

May 11, 2020

I haven't posted for the past few days because my blog was attacked. Today I am posting my notes on levels 4-6 of the xss game.

Level 4

Just like the first few levels, I first tried <script>alert(1)</script>. I found that the title is escaped, while in the input tag the angle brackets are simply filtered out. This shows that there may be filtering.

Looking at the source code, I found that there is a filter here, as I said. We can still use events to trigger the pop-up, which avoids the use of angle brackets, just like in level 3.

One thing to note here is that the value is enclosed in double quotes, not single quotes as in level 3. The payload therefore has to close the value with a double quote, and the double quote left over behind it is then commented out.

Level 5

When I test with <script>alert(1)</script>, script becomes scr_ipt, that is, an underscore is inserted, which limits our use of events and tags.

I then tried on, and it was split into o_n, which prevents us from using events to trigger pop-ups.

Looking at the source code, it turns out that it filters <script and on.

With that lesson in mind, we use the a tag here to get around the blacklist.

Level 6

Similarly, <script> and on in the input get an underscore inserted. I then opened the source code and found that href, data, and src are manipulated as well.

However, we can still try other bypass methods; capital letters are used here.
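The three filters described in these notes, set beside context-aware output encoding and checked by parsing the rendered tag back (an added example, not part of the original post and not the game's source code). The function names, the `keyword` input name, the underscore positions for href/data/src and the inert probe string are assumptions made for the illustration.

```python
import html
from html.parser import HTMLParser

# Constructed models of the filters these notes describe, not the game's source.
# Where the underscore lands in href/data/src is an assumption.
BLACKLIST = {"<script": "<scr_ipt", "on": "o_n",
             "href": "hr_ef", "data": "da_ta", "src": "sr_c"}

def level4_filter(text):
    """Level 4 as described: angle brackets removed, quotes untouched."""
    return text.replace("<", "").replace(">", "")

def blacklist_filter(text):
    """Levels 5-6 as described: case-sensitive keyword mangling."""
    for word, mangled in BLACKLIST.items():
        text = text.replace(word, mangled)
    return text

def encode_for_attribute(text):
    """Hardened form: encode for the double-quoted attribute context."""
    return html.escape(text, quote=True)

def render(value):
    return '<input name="keyword" value="%s">' % value

class TagCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.tags = []
    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))

def stays_data(user_input, sanitizer):
    """True only if the input comes back as the value attribute, unchanged,
    and created no extra tag or attribute in the rendered markup."""
    parser = TagCollector()
    parser.feed(render(sanitizer(user_input)))
    parser.close()
    if len(parser.tags) != 1:
        return False
    tag, attrs = parser.tags[0]
    return tag == "input" and attrs == {"name": "keyword", "value": user_input}

# Constructed, inert probe: a double quote followed by a harmless id attribute.
PROBE = 'x" id="probe'

if __name__ == "__main__":
    for fn in (level4_filter, blacklist_filter, encode_for_attribute):
        print(fn.__name__, stays_data(PROBE, fn))
```

Only the encoder keeps the probe inside the value attribute; both filters let the quote end the attribute, and the keyword blacklist additionally leaves uppercase input unchanged.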

Last updated: May 11, 2020