XSS challenge (6-10) more detailed answers

LEVEL 6

After capturing the package of this question, it is found that the keyword has been replaced ,script src on All replaced

The words here , You can try to bypass the case “><iframe Src=javascript:alert(/xss/)”>
So neat , You can go through （ It did , I didn't cut it off -_-)

LEVEL 7

Conventional thinking , Clostridium input Build after tag script label ">

Find out script Deleted

Try double write bypass ">alert(/xss/)

LEVEL 8

f12 Found entered in url Has been inserted in the following links
So try it directly javascript:alert(/xss/)

Find out javascript Replaced , After many attempts , Find out src script And other fields are replaced
So the use of TAB Tab bypass %09

js You can insert tabs in the links of the code without affecting the operation
payload: javascr%09ipt:alert(/xss/)

LEVEL 9

Compared with the last one , Added http:// Field detection , The only way to get around here is to use comments and add http://
payload: javascript:alert(/xss/)//http://
there r Used html Entity encoding is used to bypass the pair script The escape of , As used before to filter sensitive characters specialchars() Will be <> Such characters are converted into entity codes

LEVEL 10

Found after testing <> Encoded by entities , There is only one output point , But after many attempts, I still can't pass , So check f12

Found that there was a form Forms , So build payload
123&t_sort=test" type=“text” οnmοuseοut="alert(/xss/)
Pop-up window