From 18c97239c9dc6e63c6535be2fb571d5ac98b071b Mon Sep 17 00:00:00 2001 From: DripDrop14 Date: Mon, 24 Aug 2015 11:03:09 -0400 Subject: [PATCH 1/2] Appended `` to XSS. (In response to kizu's issue.) --- blns.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blns.txt b/blns.txt index 0d5ef64..6bff92b 100644 --- a/blns.txt +++ b/blns.txt @@ -474,7 +474,7 @@ perl -e 'print "<IMG SRC=java\0script:alert(\"XSS\")>";' > out <IMG SRC="javascript:alert('XSS')" <iframe src=http://ha.ckers.org/scriptlet.html < \";alert('XSS');// - +<plaintext> # SQL Injection # From a008700e0744e6460e767ddd13c3a54fbfcb2243 Mon Sep 17 00:00:00 2001 From: DripDrop14 <dripdropld@gmail.com> Date: Mon, 24 Aug 2015 11:03:44 -0400 Subject: [PATCH 2/2] Appended `<plaintext>` to XSS. (In response to kizu's issue.) --- blns.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/blns.json b/blns.json index 11b3da1..fc77c76 100644 --- a/blns.json +++ b/blns.json @@ -392,6 +392,7 @@ "<IMG SRC=\"javascript:alert('XSS')\"", "<iframe src=http://ha.ckers.org/scriptlet.html <", "\\\";alert('XSS');//", + "<plaintext>", "1;DROP TABLE users", "1'; DROP TABLE users-- 1", "' OR 1=1 -- 1", @@ -460,4 +461,4 @@ "But now...\u001b[20Cfor my greatest trick...\u001b[8m", "The quic\b\b\b\b\b\bk brown fo\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007x... [Beeeep]", "Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗" -] \ No newline at end of file +]