All nodes
Time | Node | Post | Excerpt
---|---|---|---
2022-07-21 23:12 | brutelogic | Tag Blending Obfuscation In Property-Based Payloads | Property-based payloads are payloads based on particular properties of the document object and its elements. From the document object we already know the location-based payloads, and from the elements we have the properties "innerHTML" and "outerHTML". Those three are very useful for evading a filter or WAF when we get to the point where …
2022-01-18 21:58 | brutelogic | XSS With Hoisting | When dealing with JavaScript injection scenarios we sometimes get into a difficult situation: the target page is not meant to be accessed directly, and some of its code is supposed to use other code in the intended setup. That leads to some broken script blocks, and when the injection context is one of …
2021-09-28 00:46 | brutelogic | Training XSS Muscles | XSS is all about practice. It requires a lot of time to imprint in the mind all the vectors, payloads and tricks at our disposal. There are lots of XSS cases, each one requiring a different approach and construct to pop the alert box. With that in mind, and following the previous XSS Test Page released with …
2021-06-24 00:28 | brutelogic | Building XSS Polyglots | XSS polyglots are quite popular among beginners and lazy XSS testers since they only require a single copy and paste. Although doomed to be easily flagged by any decent filter or WAF, they can be useful to spot most of the XSS cases out there. Here we will try to build a cost-effective XSS polyglot, …
2021-03-08 08:22 | brutelogic | CSP Bypass Guidelines | Content Security Policy (CSP) is the last line of defense against the exploitation of an XSS vulnerability. When correctly implemented, it seems to be extremely effective at that (nowadays). Here we will deal with the possible ways to abuse flaws in its implementation. For a comprehensive reference on CSP check here. Some basic samples …
2020-09-18 02:01 | brutelogic | Testing for XSS (Like a KNOXSS) | Testing for Cross-Site Scripting (XSS) might seem easy at first sight, with several hacking tools automating the process. But regardless of how tests to find an XSS are performed, automated or manual, here we will see a step-by-step procedure for finding most of the XSS cases out there. For that we will use …
2020-09-18 02:01 | brutelogic | XSS via HTTP Headers | In some cases, information passed in one of the HTTP headers of the application is not correctly sanitized and is output somewhere in the requested page or at another end, giving rise to an XSS situation. But unfortunately, since an attacker can't make a victim edit his/her own HTTP headers in an actual …
2020-09-16 08:29 | brutelogic | Filter Bypass in Multi Context | Some Cross-Site Scripting (XSS) vectors arise from strict but allowed possibilities, forming tricky combinations. It's all about contexts, and sometimes the interaction between different contexts with different filters leads to some interesting bypasses. Although in the same document (or page), the source code of an HTTP response is usually formed by 3 different contexts: HTML, …
2020-05-10 09:35 | brutelogic | Filter Bypass in Multi Context | Some Cross-Site Scripting (XSS) vectors arise from strict but allowed possibilities, forming tricky combinations. It's all about contexts, and sometimes the interaction between different contexts with different filters leads to some interesting bypasses. Although in the same document (or page), the source code of an HTTP response is usually formed by 3 different contexts: HTML, …