From 183ae90ec52dd99edb58ef1560e745f9ab8ddc98 Mon Sep 17 00:00:00 2001
From: Joseph Lennox
Date: Wed, 12 Aug 2015 08:54:41 -0700
Subject: [PATCH 1/2] Unify message for XSS strings to a numeric value. This is the best for a PoC because it avoids any quote escaping.
---
 blns.txt | 38 +++++++++++++++++++-------------------
 1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/blns.txt b/blns.txt
index e64be76..3fbc200 100644
--- a/blns.txt
+++ b/blns.txt
@@ -215,25 +215,25 @@ Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮ # # Strings which attempt to invoke a benign script injection; shows vulnerability to XSS - - - -"> -'> -> - -< / script >< script >alert(document.title)< / script > - onfocus=alert(document.title) autofocus -" onfocus=alert(document.title) autofocus -' onfocus=alert(document.title) autofocus -<script>alert(document.title)</script> -ript>alert('XSS')ript> ---> -";alert(0);t=" -';alert(0);t=' -JavaSCript:alert(0) -;alert(0); -src=JaVaSCript:prompt(9) + + + +"> +'> +> + +< / script >< script >alert(123)< / script > + onfocus=JaVaSCript:alert(123) autofocus +" onfocus=JaVaSCript:alert(123) autofocus +' onfocus=JaVaSCript:alert(123) autofocus +<script>alert(123)</script> +ript>alert(123)ript> +--> +";alert(123);t=" +';alert(123);t=' +JavaSCript:alert(123) +;alert(123); +src=JaVaSCript:prompt(132) # SQL Injection #
From 6ac5d0e3ab5ea56fd92c977f52cf1756a0723901 Mon Sep 17 00:00:00 2001
From: Joseph Lennox
Date: Wed, 12 Aug 2015 08:56:32 -0700
Subject: [PATCH 2/2] Add a few more XSS attacks for attribute escape.
---
 blns.txt | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/blns.txt b/blns.txt
index 3fbc200..2f10153 100644
--- a/blns.txt
+++ b/blns.txt
@@ -234,6 +234,11 @@ Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮ JavaSCript:alert(123) ;alert(123); src=JaVaSCript:prompt(132) +">
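Review bot: The last added line of the first hunk, `+src=JaVaSCript:prompt(132)`, uses 132 while every other rewritten string in the hunk uses 123, which defeats the commit subject's goal of one numeric value; I would change it to `src=JaVaSCript:prompt(123)` so a test harness can assert on a single sentinel across the whole fixture block. The three `onfocus=` lines also pick up a `JaVaSCript:` prefix that the subject does not describe; if that is deliberate, a sentence in the commit message saying so would stop readers treating it as an accidental edit. The hunk's removed lines appear partly stripped in this view, so the one-to-one mapping of old to new strings is inferred from the 19/19 diffstat rather than read directly.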