XSS

[dreamhack 드림핵] Write Up - Relative Path Overwrite
· Wargame/Web
보호되어 있는 글입니다.
[dreamhack 드림핵] Write Up : DOM XSS
· Wargame/Web
보호되어 있는 글입니다.
[PortSwigger] Write Up - Lab: Reflected XSS into a JavaScript string with angle brackets HTML encoded 풀이
· Wargame/Web
https://portswigger.net/web-security/cross-site-scripting/contexts/lab-javascript-string-angle-brackets-html-encoded Lab: Reflected XSS into a JavaScript string with angle brackets HTML encoded | Web Security Academy This lab contains a reflected cross-site scripting vulnerability in the search query tracking functionality where angle brackets are encoded. The reflection ... portswigger.net [문제]..
[PortSwigger] Write Up - Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded 풀이
· Wargame/Web
https://portswigger.net/web-security/cross-site-scripting/contexts/lab-href-attribute-double-quotes-html-encoded Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded | Web Security Academy This lab contains a stored cross-site scripting vulnerability in the comment functionality. To solve this lab, submit a comment that calls the alert ... portswigger.net [문제] [풀이] 코멘트를 달면 ..
[PortSwigger] Write Up - Lab: DOM XSS in innerHTML sink using source location.search 풀이
· Wargame/Web
https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-innerhtml-sink Lab: DOM XSS in innerHTML sink using source location.search | Web Security Academy This lab contains a DOM-based cross-site scripting vulnerability in the search blog functionality. It uses an innerHTML assignment, which changes the HTML ... portswigger.net [문제] [풀이] 검색 결과를 확인해서 xss를 진행한다. 소스코드를 확인한다. 검색하게되면 밑..
[PortSwigger] Write Up - Lab: DOM XSS in document.write sink using source location.search 풀이
· Wargame/Web
https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink Lab: DOM XSS in document.write sink using source location.search | Web Security Academy This lab contains a DOM-based cross-site scripting vulnerability in the search query tracking functionality. It uses the JavaScript document.write function, ... portswigger.net [문제] [풀이] 검색창에서 XSS 시도해야 하는 것 같다. 일반적인 XS..
[PortSwigger] Write Up - Lab: Stored XSS into HTML context with nothing encoded 풀이
· Wargame/Web
https://portswigger.net/web-security/cross-site-scripting/stored/lab-html-context-nothing-encoded Lab: Stored XSS into HTML context with nothing encoded | Web Security Academy This lab contains a stored cross-site scripting vulnerability in the comment functionality. To solve this lab, submit a comment that calls the alert ... portswigger.net [문제] [풀이] 이 문제는 XSS 문제이다. 메인 페이지에는 딱히 XSS 공격할 취약점이 없어..
[PortSwigger] Write Up - Lab: Reflected XSS into HTML context with nothing encoded 풀이
· Wargame/Web
https://portswigger.net/web-security/cross-site-scripting/reflected/lab-html-context-nothing-encoded Lab: Reflected XSS into HTML context with nothing encoded | Web Security Academy This lab contains a simple reflected cross-site scripting vulnerability in the search functionality. To solve the lab, perform a cross-site scripting attack ... portswigger.net [문제] [풀이] XSS 문제다. Search 가능한 기능이 있어서 바..
d3vh4cks
'XSS' 태그의 글 목록
상단으로

티스토리툴바