OWASP Security Shepherd Project - Cross Site Scripting 5 (XSS Challenge)

Challenge


Solution

    As the same logic in challenge 4, let's see how good the URL validation is.
    Let's try to input http.


    Not working. The web application use default url instead of our input to display webpage.
    Let's move one step forward by trying http:.

    It works!! Now, we know that http: could pass the validation.
    We could then start to ask ourselves how to make the response to be something like <a href="http..." onxxx=...>.

    Input http://a".b.c to see if it still able to pass URL validation.


    Good! Let's go on and try http://a" onselect=alert('XSS') .b.c.



    Well, it seems that nothing is filtered and this should give us a XSS, but it is not. Let's check the response again carefully. We could notice that the second " is in red with firebug view, but it should be in blue. As a result, we could guess that the second " is escaped.
    Let's input http://a"" onselect=alert('XSS') .b.c.
 
    Great! The challenge is completed.



留言

The Hottest Articles

OWASP Security Shepherd Project - My Practice & Solutions

OSCP回顧 & 準備建議

OWASP Security Shepherd Project - SQL Injection 3 (Injection Challenge)