[WEB SECURITY] XSS filter Bypass

Mon mon.ver85 at gmail.com
Wed May 30 04:23:50 EDT 2012


I'm no expert, but how about trying %C0%80 ('invalid 2 byte' UTF encoding
for Null)? Does that make any difference?


On Thu, May 24, 2012 at 12:16 PM, Appsec User <pentestguy.cs at gmail.com> wrote:

> Hi,
> I am probing for XSS in an application. The application has a filter which
> triggers if I put anything after the less-than sign '<' except space, %
> and >. So the application accepts the < character but only allows space, %
> and > after it. So e.g. '< script' (note the space in between) is allowed but
> '<script' will be rejected (no space). I have also tested various encodings;
> '<%00script' is allowed, but it puts a space between < and script and the
> browser does not treat it as markup. I cannot probe for JavaScript
> events as the payloads are reflecting in HTML context, not in JavaScript
> context. Any suggestions on how I can bypass this filter?
> _______________________________________________
> The Web Security Mailing List
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> http://twitter.com/wascupdates
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
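As an added example (not code from either poster), the Python below models the filter exactly as the question describes it, shows that a strict UTF-8 decoder rejects the overlong %C0%80 sequence mentioned in the reply, and contrasts the blocklist with the fix that actually holds in an HTML text context: encoding the output. The filter function is a reconstruction from the description, not the application's real code.

```python
import html
from typing import Optional
from urllib.parse import unquote_to_bytes


def blocklist_filter(value: str) -> bool:
    """Model of the filter described in the thread (reconstructed, hypothetical):
    reject any '<' that is followed by a character other than space, '%' or '>'.
    Returns True when the input would be accepted."""
    for i, ch in enumerate(value):
        if ch == "<" and i + 1 < len(value) and value[i + 1] not in " %>":
            return False
    return True


def decode_strict(percent_encoded: str) -> Optional[str]:
    """Percent-decode, then decode the bytes as strict UTF-8.
    A conformant decoder refuses overlong forms such as %C0%80, so the
    input never reaches later stages as a hidden NUL; None means rejected."""
    raw = unquote_to_bytes(percent_encoded)
    try:
        return raw.decode("utf-8")  # strict mode raises on overlong/invalid bytes
    except UnicodeDecodeError:
        return None


def render_html_text(value: str) -> str:
    """Defense that does not depend on guessing which characters follow '<':
    HTML-entity-encode untrusted data before placing it in HTML text context.
    '<' becomes '&lt;' regardless of spacing, encoding tricks or NUL bytes."""
    return html.escape(value, quote=True)


if __name__ == "__main__":
    # Constructed sample inputs mirroring the cases discussed in the thread.
    for sample in ["< script", "<script", "<%00script"]:
        print(f"{sample!r:14} filter accepts: {blocklist_filter(sample)}")
    print("strict decode of %3C%C0%80script ->", decode_strict("%3C%C0%80script"))
    print("encoded output of '<script>'    ->", render_html_text("<script>"))
```

The blocklist accepts `<%00script` because `%` follows `<`, so its safety rests on what the browser does afterwards; the encoded output is inert in every case without needing that assumption.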