Yeah, Michael did not give any explanation, but it's at a reasonable level to understand. The lab description says "href attributes blocked", but even though, we have to use the href attribute, but how? At this point the tag has to be used, because it has an attribute feature that lets us give the href name (animate attributeName=href), and how can you use the animation tag? With the tag, of course; then the rest is very easy. By the way, you don't have to decode the payload to get the alert (click); this payload also works, but you have to enter it in the URL.
@gokalpbas6184 3 years ago
What I don't understand here: after alert(1), why do we have to write "+/"? Without it the payload doesn't work. Can anyone explain this?
@0xtheM7 2 years ago
@@gokalpbas6184 I also don't understand that part....
@SteveWoznokav 2 years ago
@@gokalpbas6184 The + is for the space; you can use %20 instead of +, and the forward slash / is to end the animate tag, so you can also use this payload: %3c%73%76%67%3e%3c%61%3e%3c%61%6e%69%6d%61%74%65%20%61%74%74%72%69%62%75%74%65%4e%61%6d%65%3d%68%72%65%66%20%76%61%6c%75%65%73%3d%6a%61%76%61%73%63%72%69%70%74%3a%61%6c%65%72%74%28%31%29%20%2f%3e%3c%74%65%78%74%20%78%3d%32%30%20%79%3d%32%30%3e%43%6c%69%63%6b%20%6d%65%3c%2f%74%65%78%74%3e%3c%2f%61%3e
@mallikao.9493 1 year ago
@@gokalpbas6184 You might have already understood this part, but the '+/' at the end is actually " /"; the space is URL-encoded as a '+' sign. You just need " /" if you're entering the payload in the search box instead of the URL.
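Added here as an editor's example in Python; it is not code from the video, the lab, or any commenter. It takes the percent-encoded payload quoted in the thread above and shows the two points the comments argue about: decoding it as a query-string parameter (where + means a space) versus plain percent-decoding, and why the lab's "href attributes blocked" filter is not enough, since the animate element names href only through attributeName and no tag ever carries an attribute literally called href. The ENCODED_PLUS variant (the "+/" spelling) is constructed here; the set of SMIL element names checked is the editor's choice.

```python
from html.parser import HTMLParser
from urllib.parse import unquote, unquote_plus

# Percent-encoded payload exactly as quoted in the comment above.
ENCODED = ("%3c%73%76%67%3e%3c%61%3e%3c%61%6e%69%6d%61%74%65%20%61%74%74%72%69%62%75%74%65"
           "%4e%61%6d%65%3d%68%72%65%66%20%76%61%6c%75%65%73%3d%6a%61%76%61%73%63%72%69%70"
           "%74%3a%61%6c%65%72%74%28%31%29%20%2f%3e%3c%74%65%78%74%20%78%3d%32%30%20%79%3d"
           "%32%30%3e%43%6c%69%63%6b%20%6d%65%3c%2f%74%65%78%74%3e%3c%2f%61%3e")

# Constructed variant: the space before "/>" written as "+", i.e. the "+/" the thread asks about.
ENCODED_PLUS = ENCODED.replace("%29%20%2f%3e", "%29+%2f%3e")

# SMIL animation elements that carry an attributeName (editor's assumption for this check).
SMIL_ANIMATION_TAGS = {"animate", "set"}


def decode_form_param(value: str) -> str:
    """Decode as a URL query parameter: '+' becomes a space, then %XX escapes are decoded."""
    return unquote_plus(value)


def decode_percent_only(value: str) -> str:
    """Decode %XX escapes only; a literal '+' is kept, which is why '+/' fails outside the URL."""
    return unquote(value)


class _TagCollector(HTMLParser):
    """Collect every start tag with its attributes (HTMLParser lower-cases the names)."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))

    def handle_startendtag(self, tag, attrs):  # self-closing "<... />"
        self.tags.append((tag, dict(attrs)))


def collect_tags(markup: str):
    parser = _TagCollector()
    parser.feed(markup)
    parser.close()
    return parser.tags


def has_literal_href_attribute(markup: str) -> bool:
    """What a naive 'href attributes blocked' filter checks: any tag with an attribute named href."""
    return any("href" in attrs for _, attrs in collect_tags(markup))


def find_animated_href(markup: str):
    """Defender's check: animation elements whose attributeName targets href.

    The literal attribute name 'href' never appears on a tag in the payload, so the naive
    filter above passes it; matching on attributeName catches it regardless of encoding.
    """
    return [(tag, attrs) for tag, attrs in collect_tags(markup)
            if tag in SMIL_ANIMATION_TAGS and attrs.get("attributename", "").lower() == "href"]


if __name__ == "__main__":
    markup = decode_form_param(ENCODED)
    print("decoded payload            :", markup)
    print("+ variant, query decoding  :", decode_form_param(ENCODED_PLUS) == markup)
    print("+ variant, percent-only    :", decode_percent_only(ENCODED_PLUS))
    print("naive href filter triggers :", has_literal_href_attribute(markup))
    print("animated href found        :", find_animated_href(markup))
```

Run with a plain `python3 file.py`; the percent-only line shows the `+` surviving in the attribute value, which is the behaviour the commenters observed when the `+` form is pasted into the search box rather than the URL.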
@zzzz-qt7wj 11 months ago
@@gokalpbas6184 I think this +/ is the way to end the tag.
@chuckyyes 3 years ago
How in the world would you get that long URL you just typed? There was no explanation for it.
@Esola11 3 years ago
It is an encoded form of a URL. Basically, every symbol or two means something. Example: before decoding: 3Csvg%3E%3Ca%3E; after decoding: :)
@chuckyyes 2 years ago
@mummysaidican'thaveabf damn, where were you a year ago? lmao
@BelowAverageRazzleDazzle 3 years ago
I know it's the lab solution, but IMHO it's a fail. The point of the lab was to display a link that said "click me" that executed a payload when someone clicked on it. I quote the lab: "To solve the lab, perform a cross-site scripting attack that injects a vector that, when CLICKED, calls the alert function." This payload does NOT accomplish that objective. The text "click me" doesn't even display on the screen.
@sharjeelaliaqil7998 2 years ago
He just considers us lame guys and believes we don't even know how to use Burp Suite, so that's why he only implements the solution that is already written in the solutions.
@amirkhajvandsas7435 1 year ago
Oh good, how nicely you describe things, please continue.
@ChickenTrader-wk8se 3 years ago
Great explanation!! The best mentor in the world!!
@Esola11 3 years ago
in history ever!
@muh.zaindin4063 3 years ago
Fine explanation, but why do you choose those specific tags? I think I have to learn more about crafting XSS payloads.
@Michael10Sommer 3 years ago
Hi, thank you very much. There is a solution on the lab site. Everything you find in my videos is also in the lab solution, because I think some people would rather watch a video than read a text.
@weilyn8538 2 years ago
@@Michael10Sommer Then why don't you just copy the damn payload from the solution on your screen and paste it? Save time instead of copy-writing one character at a time. For GOD's sake. How would anyone trust videos like these?
@sritamshrabanrath5148 3 years ago
How did you know what to write and how do you know that this is the payload ?
@gabrieldylan9789 3 years ago
He copied from the solution.
@huyha3684 1 year ago
@@gabrieldylan9789 The problem is why he chose to manually type the URL encode instead of simply typing the normal URL and then encoding it. I don't understand why he wasted time creating a video like this.
@plasticgut 3 years ago
These video solutions really don't add anything to the solutions of the labs. I'd recommend actually explaining subjects, instead of just reciting something.
@deadbeef2482 1 year ago
Terrible, no explanation provided.
@woorix 2 years ago
what if the animate tag was blocked too?
@akashmgmg2693 2 years ago
Useless solution, without any explanation or clarity.
@paulojr1384 2 years ago
Could someone explain this payload step by step?
@acronproject 1 year ago
Thank you
@guwange-ix5jx 1 year ago
Why not put in the extra work to actually understand the material and then share that knowledge with others? That's what everyone in the comments here is looking for.
@amirzamani5440 1 year ago
I mean, do they even pay you for these clips?
@CyberEncrypt 10 months ago
Waste of time without an explanation; nothing to learn. The lab itself already gives you the payload, and you know it's a URL that goes on the search.... This is kind of disappointing.
@Demo_handle 3 years ago
solid
@p0n-pompf 1 year ago
Does he get paid for videos like this? There's no point.