Manually dig XSS vulnerabilities
2022-07-01 08:14:00 【Cwillchris】
1. Unfiltered XSS injection
Visit: https://xss-quiz.int21h.jp
Note: the hint text on the page is displayed only after you select it.
Example 1: First, let's look at the logical structure of the page.
Enter 1 and click Search; the page reports that 1 cannot be found.

Press F12 to look at the code: the 1 we entered has been loaded into the page.

We load <script>alert(document.domain);</script>, then press F12 to see where it ends up in the code. (document.domain is a read-only string property that contains the hostname of the web server the current document was loaded from.)
Enter <script>alert(document.domain);</script> and click Search; an alert box pops up.
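
The popup appears because the search term is written into the response without any encoding. The following is an added example, not code from the original post or from the quiz site: it shows that unfiltered reflection next to an HTML-escaped version, plus a simple check for verbatim reflection. The template markup and all function names are assumptions made for illustration.

```javascript
// Added example. The markup is a constructed stand-in for the quiz page's
// "not found" message, not its real source; all names are hypothetical.

// Encode the characters that let text break out of HTML text or attribute context.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Unfiltered reflection, as observed above: input is concatenated into the page as-is.
function renderUnfiltered(query) {
  return `<p>No results for: <b>${query}</b></p>`;
}

// Hardened form: same template, but the input is encoded for HTML context first.
function renderEscaped(query) {
  return `<p>No results for: <b>${escapeHtml(query)}</b></p>`;
}

// Review check: input containing markup characters comes back verbatim in the response.
function reflectsRawMarkup(html, query) {
  return /[<>"']/.test(query) && html.includes(query);
}

// Constructed sample inputs: the two values used in the walkthrough.
const samples = ['1', '<script>alert(document.domain);</script>'];
for (const q of samples) {
  const unfiltered = renderUnfiltered(q);
  const escaped = renderEscaped(q);
  console.log('input:     ', q);
  console.log('unfiltered:', unfiltered, '| raw markup reflected:', reflectsRawMarkup(unfiltered, q));
  console.log('escaped:   ', escaped, '| raw markup reflected:', reflectsRawMarkup(escaped, q));
}
```

With the escaped version, F12 shows the tag as text (&lt;script&gt;...) inside the <b> element instead of a new script node, so nothing executes.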