Pages: [1]

Author Topic: Probing to find XSS.  (Read 619 times)

0 Members and 1 Guest are viewing this topic.

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
    • View Profile
Probing to find XSS.
« on: December 20, 2015, 08:20:51 pm »
Quote
To find XSS flaws we need to know where to look for it and how we can detect it. Where to look for it is as simple as complicated: all we need is to probe every input the application has.

We will do it using a probe string: a set of characters that we can look for it in source code in order to know if we can go further to inject a payload.

So let’s think about it: which is the most important single character for a XSS payload? As we are dealing with HTML, the most important is the identifier of a tag: the less than sign “<”.

Read up: http://ezl.ink/v
Report to moderator   Logged
If you can't explain it to a 6 year old, you don't understand it yourself.
http://upload.alpha.evilzone.org/index.php?page=img&img=GwkGGneGR7Pl222zVGmNTjerkhkYNGtBuiYXkpyNv4ScOAWQu0-Y8[<NgGw/hsq]>EvbQrOrousk[/img]
Pages: [1]