Manually dig XSS vulnerabilities
2022-07-01 08:14:00 【Cwillchris】
1. Unfiltered XSS injection
Visit: https://xss-quiz.int21h.jp
Note: the content of the hint is displayed only after it is selected.
Example 1: First, let's take a look at the logical structure of the page.
Enter 1 and click Search; the page reports that 1 cannot be found.
Press F12 and look at the code: the 1 we entered is loaded into the page.
Next we load <script>alert(document.domain);</script>, then press F12 to see where it lands in the code. (document.domain is a read-only string property that contains the hostname of the web server that loaded the current document.)
Enter <script>alert(document.domain);</script> and click Search; an alert pops up.
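
The reflection described above, as an added example that is not part of the original post: a constructed stand-in for the search page's "not found" template (the markup and all function names are assumptions, not the quiz site's code), showing the unencoded output next to an HTML-encoded version, plus a check for whether a probe string comes back intact.

```javascript
// Constructed stand-in for the search page's "not found" message.
// Markup and function names are assumptions made for this example.

// Unfiltered form: the query is concatenated into the HTML as-is,
// which is the behaviour seen in the F12 view for the input 1.
function renderUnfiltered(query) {
  return '<p>No results for: <b>' + query + '</b></p>';
}

// Encode the characters that are significant in HTML text and
// quoted-attribute contexts. '&' must be replaced first.
function escapeHtml(text) {
  return String(text)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Hardened form: same template, input encoded for the HTML body context.
function renderEncoded(query) {
  return '<p>No results for: <b>' + escapeHtml(query) + '</b></p>';
}

// Regression check: does a probe containing angle brackets come back
// in the response byte-for-byte, i.e. still parseable as markup?
function reflectsRawMarkup(html, probe) {
  return /[<>]/.test(probe) && html.includes(probe);
}

// The string used in the walkthrough above.
const probe = '<script>alert(document.domain);</script>';

console.log(renderUnfiltered('1'));
console.log(renderUnfiltered(probe)); // script element reaches the page
console.log(renderEncoded(probe));    // shown as text, not executed
console.log(reflectsRawMarkup(renderUnfiltered(probe), probe));
console.log(reflectsRawMarkup(renderEncoded(probe), probe));
```

With the encoded template, the F12 view shows the input as text inside the `<b>` element instead of as a new script node.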