Re: XSS question.
If the server escapes everything (example: <b>hi</b> becomes \<b\>hi\<\\b\>),
then you can't XSS with the script method. As far as the browser leaving %20,
no, it won't execute. Using + instead of %20 also will not work. If you can manage
to get the xss hole between a <script>
you encode the entire string does it leave it or attempt any type of translation back?
(aka does it simply not translate %20 or does it do this to every character?)
> Hey I am trying to figure out a way to exploit a webserver that is
> supposedly vulnerable to XSS. The issues are:
> 1. </SCRIPT> gets converted into <\SCRIPT> in the server response.. for
> ScrIPT, etc too..
> 2. img%20src remains img%20src in the response.. (the server does no
> response from the server.. e.g. any other single-worded HTML tag etc that
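
The thread turns on what the server does to markup characters before echoing them back. As an added example (not part of the original posts), this is what context-aware output encoding looks like on the server side for the strings quoted above; the function names are hypothetical and only the Python standard library is assumed.

```python
import html
import json

# Characters the HTML parser treats as markup or attribute delimiters.
HTML_SIGNIFICANT = set("<>\"'")


def encode_html_body(value: str) -> str:
    """Entity-encode a value for element content or a quoted attribute."""
    return html.escape(value, quote=True)


def encode_js_string(value: str) -> str:
    """Encode a value as a JavaScript string literal for an inline <script>."""
    literal = json.dumps(value)  # handles quotes, backslashes, control chars
    # The HTML parser ends a script block at "</script" no matter what the
    # JavaScript around it looks like, so <, > and & are written as \uXXXX.
    for ch, esc in (("<", "\\u003c"), (">", "\\u003e"), ("&", "\\u0026")):
        literal = literal.replace(ch, esc)
    return literal


def is_inert_html(encoded: str) -> bool:
    """True when no markup-significant character survives in the output."""
    return not (HTML_SIGNIFICANT & set(encoded))


if __name__ == "__main__":
    # Constructed samples, taken from the strings quoted in the thread.
    for sample in ("<b>hi</b>", "</SCRIPT>", "img%20src"):
        body = encode_html_body(sample)
        js = encode_js_string(sample)
        print(f"{sample!r:14} html={body!r} inert={is_inert_html(body)} js={js}")
```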