Perfecting our Payload
Last updated
If we view the page source, we'll see the name Adam reflected in the code.
Instead of entering our name, we are going to insert our payload.
Viewing the page source, we can see our name reflected inside the value attribute of the input tag.
If we try our usual payload, it won't work, because script tags cannot run inside the value attribute of the input tag. So it's better to close the input tag first and then run our script payload.
The "> closes the value attribute and then closes the input tag.
We'll have to escape the textarea tag a little differently from the input one, since our input lands between the opening and closing textarea tags rather than inside an attribute.
So the payload would look something like
Entering our name into the form, we'll see it reflected on the page
This level looks similar to level one, but upon inspecting the page source, we'll see our name reflected inside some JavaScript code.
We'll have to break out of the existing JavaScript statement.
The ' closes the string that holds the name
The ; signifies the end of the current statement
The // at the end turns anything after it into a comment rather than executable code
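A defensive view of the three reflection contexts covered so far (the value attribute of the input tag, the body of the textarea, and the JavaScript string), as an added example that is not code from the original page: each context gets its own encoder, and the constructed sample inputs carry the break-out characters the text describes (">, a closing textarea tag, and ';//). The function names, the surrounding HTML and the sample inputs are assumptions for illustration.

```python
import html
import json

# Constructed sample inputs (not taken from the page). Each one carries the
# break-out characters the text describes for that reflection context.
SAMPLES = {
    "attribute":  '"><b>injected</b>',           # tries to close value="..." and the input tag
    "textarea":   '</textarea><b>injected</b>',  # tries to close the textarea
    "javascript": "'; injected(); //",           # tries to end the string and the statement
}


def render_input_value(name):
    """Reflect into value="...": encode & < > " ' so the attribute quote cannot be closed."""
    return '<input type="text" name="name" value="%s">' % html.escape(name, quote=True)


def render_textarea(name):
    """Reflect into element text: encoding < and > means no closing tag can be injected."""
    return '<textarea name="name">%s</textarea>' % html.escape(name, quote=False)


def render_js_string(name):
    """Reflect into a JavaScript string literal.

    json.dumps produces a double-quoted literal with backslash escapes, so a
    user-supplied quote never terminates the string, and ensure_ascii (the
    default) escapes the JS line terminators U+2028/U+2029. The HTML parser
    sees </script> before the JavaScript parser runs, so < and > are also
    rewritten as \\u003c and \\u003e.
    """
    encoded = json.dumps(name)
    encoded = encoded.replace("<", "\\u003c").replace(">", "\\u003e")
    return "<script>var name = %s;</script>" % encoded


def renders_single_tag(rendered, tag):
    """True if exactly one opening tag of this name survives, and at most one closing tag."""
    return rendered.count("<%s" % tag) == 1 and rendered.count("</%s>" % tag) <= 1


if __name__ == "__main__":
    # Assumed page fragments; each sample stays inert in its own context.
    print(render_input_value(SAMPLES["attribute"]))
    print(render_textarea(SAMPLES["textarea"]))
    print(render_js_string(SAMPLES["javascript"]))
```

The point of the three separate encoders is that the same input needs different treatment depending on where it lands; a single "HTML encode everything" pass is right for the first two contexts but not for the JavaScript string, where a JSON-style literal is what keeps the quote and the statement intact.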
This level looks the same as level one, and our name also gets reflected in the same place.
But if we try the <script>alert('THM');</script> payload, it won't work.
We can see that it's filtering out the word script. Since the browser does not treat the tag name as case-sensitive, we can use this payload
We can even use this payload
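The filter on this level is a blocklist on a single word, and the text shows why that is not enough. As an added example (not code from the page), the naive filter sits beside a case-insensitive version and the encoding approach, each run over constructed inputs: the page's own payload, the mixed-case variant the text describes, and an img tag the word filter never looks at. The function names and the sample inputs are assumptions for illustration.

```python
import html
import re

# Constructed inputs (not from the page): the page's payload, the mixed-case
# variant the text describes, and a different tag the word filter ignores.
SAMPLES = [
    "<script>alert('THM');</script>",
    "<sCrIpT>alert('THM');</sCrIpT>",
    '<img src="/logo.png" onload="alert(\'THM\')">',
]


def filter_script_naive(value):
    """The filter the text describes: drop the literal, lower-case word 'script'."""
    return value.replace("script", "")


def filter_script_ci(value):
    """Same idea, case-insensitive. Still a blocklist: it knows nothing about other tags."""
    return re.sub("script", "", value, flags=re.IGNORECASE)


def encode_for_html(value):
    """Context-aware alternative: encode the characters that have meaning in HTML text."""
    return html.escape(value, quote=True)


def contains_active_tag(rendered):
    """Rough check in the parser's terms: an unencoded '<' immediately followed by a letter."""
    return re.search(r"<[a-zA-Z]", rendered) is not None


def evaluate(filter_fn):
    """Apply a filter to every sample; True means an active tag survived."""
    return [contains_active_tag(filter_fn(s)) for s in SAMPLES]


if __name__ == "__main__":
    for fn in (filter_script_naive, filter_script_ci, encode_for_html):
        print(fn.__name__, evaluate(fn))
```

Making the blocklist case-insensitive closes the gap the text exploits but leaves every other tag and attribute untouched; encoding for the output context has no such list to maintain.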
Similar to level two, where we had to escape from the input tag, here we'll have to escape from the img tag.
We can see that the < and > characters get filtered out of our payload, preventing us from escaping the img tag.
So to bypass this, we can take advantage of the additional attributes of the img tag, such as the onload event.
The onload event runs the code of your choosing once the image specified in the src attribute has loaded onto the web page.
Let's now modify our payload to something like
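Where user input lands in the src attribute of an img tag, the defensive answer is to treat it as a URL rather than as free text: allowlist the scheme, reject anything that does not parse as an absolute URL, and attribute-encode whatever is rendered, so a quote in the input cannot start a second attribute such as onload. This is an added example, not code from the page; SAFE_SCHEMES, the placeholder path, the function names and the sample inputs are assumptions. The unencoded renderer is included only to show the difference the encoding makes.

```python
import html
import re
from urllib.parse import urlsplit

# Assumed policy for this example: only absolute http(s) URLs are accepted as image sources.
SAFE_SCHEMES = {"http", "https"}
PLACEHOLDER = "/static/placeholder.png"  # assumed fallback image


def validate_image_url(candidate):
    """Return the URL if it is an absolute http(s) URL, otherwise None (reject, don't repair)."""
    candidate = candidate.strip()
    parts = urlsplit(candidate)
    if parts.scheme.lower() not in SAFE_SCHEMES or not parts.netloc:
        return None
    return candidate


def render_img(candidate):
    """Render an img tag whose src is validated and then attribute-encoded."""
    src = validate_image_url(candidate) or PLACEHOLDER
    return '<img src="%s">' % html.escape(src, quote=True)


def render_img_unencoded(candidate):
    """Weak form for comparison: validated, but the value is placed into the attribute as-is."""
    src = validate_image_url(candidate) or PLACEHOLDER
    return '<img src="%s">' % src


def attribute_count(rendered):
    """Count the attribute assignments an HTML parser would see: name="..." pairs."""
    return len(re.findall(r'\s[a-zA-Z]+="[^"]*"', rendered))


if __name__ == "__main__":
    # Constructed inputs (not from the page): a plain URL, a bare break-out
    # attempt, and a valid URL with a break-out attempt appended.
    for sample in ("https://example.com/logo.png",
                   '" onload="injected()',
                   'https://example.com/logo.png" onload="injected()'):
        print(render_img(sample), "attributes:", attribute_count(render_img(sample)))
```

Validation alone is not sufficient here: the third sample passes the URL check because it begins with a well-formed https URL, and only the attribute encoding keeps the appended text inside the src value. Separately, a Content-Security-Policy whose script-src omits 'unsafe-inline' prevents an inline onload handler from executing even if one does reach the page.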
An XSS polyglot is a string of text that can escape attributes and tags and bypass filters, all in one.