ha.ckers sla.cking
Script obfuscation, filter evasion, IDS/IPS/WAF bypassing... this is where it should live. Because this topic is too big to live anywhere else. Phj33r! 
& -> &amp;
Posted by: Medic
Date: June 15, 2010 08:32PM

Passing a 3 (max amt) character name to an ASP.NET server/filter.
All ASCII 0-126 are allowed.
My goal is to enter something like H³

Of course when I enter ³ (for subscript 3) it just takes the '&' and turns it to &amp; which of course causes it not to display the symbol. I want the server to actually return ³ in the page.

'&# <--- this combo produces server error 500 (not a very descriptive error)
I've tried modifying values by using the Tamper Data add-on and javascript: from the browser bar to modify the page. Also tried Unicode encoding *sigh*

Haha getting discouraged on 1 of my 1st real world attempts, just looking for some pointers in the right direction. Pfft....I could also use a better workflow for testing.

Re: & -> &amp;
Posted by: Skyphire
Date: June 18, 2010 06:49AM


As for the & being translated to &amp;, that's a bit harder. But what happens when you enter: ³ verbatim? Maybe you can add a zero-width non-joiner[1] before it; Windows doesn't like those chars and sometimes passes filters, like MSN for example.


Re: & -> &amp;
Posted by: Medic
Date: June 18, 2010 11:59AM

When I enter ³ (copy/paste or by hitting ALT+0179) it gets URL encoded to %C2%B3, server accepts it fine but returns it back to me as a ' ? '

Currently I'm testing what happens when I change the charset value in the Content-type header before sending it to the server. I'll give your suggestion a go as well and see what happens.

Thnx for the reply

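An added example, not part of the thread: a Python sketch of the server-side behaviours the posts describe, seen from the side of whoever maintains the filter. The function names and sample inputs are constructed, and the idea that the ' ? ' comes from forcing the value through a charset that cannot represent U+00B3 is an assumption, not something the posters confirmed.

```python
import html
import unicodedata
from urllib.parse import unquote_to_bytes


def render_field(value: str) -> str:
    """HTML-encode a value on output: '&' becomes '&amp;', so a submitted
    character reference is shown as literal text instead of being parsed."""
    return html.escape(value, quote=True)


def round_trip(percent_encoded: str, store_charset: str) -> str:
    """Decode a UTF-8 form value, then force it through store_charset.
    Characters that charset cannot represent come back as '?'."""
    text = unquote_to_bytes(percent_encoded).decode("utf-8")
    return text.encode(store_charset, errors="replace").decode(store_charset)


def strip_format_chars(value: str) -> str:
    """Drop invisible Unicode format characters (category Cf, which
    includes U+200C ZERO WIDTH NON-JOINER) before any validation."""
    return "".join(ch for ch in value if unicodedata.category(ch) != "Cf")


def accept_name(value: str, max_len: int = 3) -> bool:
    """Validate what the reader will see: 1..max_len chars, ASCII 0-126."""
    cleaned = strip_format_chars(value)
    return 0 < len(cleaned) <= max_len and all(ord(c) <= 126 for c in cleaned)


if __name__ == "__main__":
    # Constructed inputs modelled on the thread.
    print(render_field("H&#179;"))          # entity neutralised on output
    print(round_trip("%C2%B3", "ascii"))    # lossy charset on the server
    print(round_trip("%C2%B3", "utf-8"))    # Unicode-clean path
    print(accept_name("H\u200c\u00b3"))     # ZWNJ removed, then range check
```

Validating after `strip_format_chars` means the length limit and the character range are checked against the same string that is later stored and rendered.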