the server that renders the attack, by not properly escaping or sanitizing the stored data.
[Diagram: Reflected XSS (HTML/Script; "You won! Click here!", etc.) and Stored XSS (HTML/Script; Forum/Guestbook)]
Web Exploitation and Vulnerabilities
The most dangerous characters in a URL are < and >. If you can get an application to
directly insert what you want in a page and can get those characters through, then you
can probably get a script through. Try these:
http://google-gruyere.appspot.com/<your unique Gruyere id>/%3e%3c (single encoding)
http://google-gruyere.appspot.com/<your unique Gruyere id>/%253e%253c (double encoding)
http://google-gruyere.appspot.com/<your unique Gruyere id>/%c0%be%c0%bc (bad UTF-8 encoding)
Append the following scripts to your URL instance in Gruyere:
<a href="www.google.com" onMouseover="window.alert('Hello');"> My Fav search engine </a>
Now insert any image downloaded from the web onto the page. (Hint: append <img> to the URL.)
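The defensive counterpart to the three encoding probes above, as an added example that is not part of the original slides or of Gruyere's code: a Python handler that decodes a path segment exactly once, rejects double-encoded and malformed UTF-8 input, and HTML-escapes whatever it reflects. The names RejectedInput, canonicalize and render_not_found are hypothetical, and refusing any surviving percent escape is an assumed strict policy.

```python
import html
import re
from urllib.parse import unquote_to_bytes

# A percent escape that is still present after one round of decoding.
_PCT = re.compile(r"%[0-9A-Fa-f]{2}")


class RejectedInput(ValueError):
    """Raised when a path segment cannot be safely canonicalized."""


def canonicalize(raw: str) -> str:
    """Percent-decode one URL path segment exactly once, strictly."""
    try:
        # Strict UTF-8 refuses overlong forms such as C0 BE / C0 BC, which a
        # lenient decoder could map to '>' and '<'.
        text = unquote_to_bytes(raw).decode("utf-8", errors="strict")
    except UnicodeDecodeError as exc:
        raise RejectedInput("invalid or overlong UTF-8") from exc
    # If an escape survives, a later decoding layer would turn it into markup.
    if _PCT.search(text):
        raise RejectedInput("double-encoded input")
    return text


def render_not_found(raw_segment: str) -> str:
    """Build an error page body that reflects the requested name safely."""
    try:
        name = canonicalize(raw_segment)
    except RejectedInput as exc:
        return f"<p>Bad request: {html.escape(str(exc))}</p>"
    # Escape at output time so <, >, &, " and ' are rendered as text.
    return f"<p>Unknown page: {html.escape(name, quote=True)}</p>"


if __name__ == "__main__":
    # Constructed sample inputs: the three encodings listed in the exercise.
    for sample in ("%3e%3c", "%253e%253c", "%c0%be%c0%bc"):
        print(f"{sample:>14} -> {render_not_found(sample)}")
```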
Exercise 2a Reflected XSS
Can you upload a file that allows you to execute arbitrary script on the
• Use some of the lab 05 exercise scripts. For example, upload a .html file containing
scripts like these:
• <script> alert(document.cookie); </script>
• <script> alert(‘hello w...
This document was uploaded on 04/04/2014.
- Spring '14