sahil, posted October 4, 2017 (edited October 4, 2017)

I was probing for a reflected XSS and I haven't been able to beat the URL encoding being performed on the backslash character. The `<script>alert(1)<script>` is reflected as it is, but the backslash is encoded into %2F. I tried double encoding the backslash and submitting the new script directly in the URL, but this doesn't seem to work either. Special characters like = ; are also being URL encoded. Should I stop probing for XSS and look for other points of exploitation, or is there a way to cause an XSS?

**UPDATE:** After trying inserting `<xml%00onreadystatechange%253Dalert(1)>` directly in the URL, the reflected string that I get is this but in the URL everything after `<xml` gets truncated. I guess something worked here and the filters picked it up and truncated everything after `<xml`.