Help with XSS?

General technological topics without their own forum go here

Help with XSS?

Post by 5ilic0n on Thu Apr 18, 2013 12:35 pm
([msg=75205]see Help with XSS?[/msg])

I want to know what else I can try to bypass this anti-xss method.

Basically, I have an input form that looks like this:
Code: Select all
<input name="zip" type="text" class="form-text-box"  value="" />


The developer's code strips out quotes and these ">" "<".
I tried using unicode encoding and even double encoding, but it's just interpreted as strings.
Something like: %u0022 or %25u0022 (I think those are right).

Anything else I can try? I just want to get to know various techniques.
5ilic0n
New User
New User
 
Posts: 22
Joined: Sat Apr 06, 2013 3:08 am
Blog: View Blog (0)


Re: Help with XSS?

Post by -Ninjex- on Thu Apr 18, 2013 12:40 pm
([msg=75206]see Re: Help with XSS?[/msg])

If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1308
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Help with XSS?

Post by 5ilic0n on Thu Apr 18, 2013 12:41 pm
([msg=75207]see Re: Help with XSS?[/msg])

-Ninjex- wrote:Yep


omg :D
5ilic0n
New User
New User
 
Posts: 22
Joined: Sat Apr 06, 2013 3:08 am
Blog: View Blog (0)



Return to General

Who is online

Users browsing this forum: No registered users and 0 guests