Application Guide: How to Bypass XSS Filters

There are vulnerabilities in almost any web project, and I will teach you how to use this circumstance for your own purposes. In practice, of course.

How to Investigate the Site Name Element
Practically every web application encodes the characters "<" and ">" somewhere. First, you need to figure out where that processing takes place. If the check happens only on the client side (HTML5 attributes or JavaScript), it can be bypassed.

So, open the page in a convenient browser and right-click on the "Site Name" form field. A context menu appears. To open the panel where element properties can be edited, select the item called "Inspect Element".

How to remove all client side constraints
Everything is very simple here. First remove the pattern attribute, then increase the value of the maxsize attribute. In total, we get:
Code:
<input type="text" placeholder="Name of site" maxsize="100" class="form-control" required="" name="name">

How to remove the code responsible for character encoding
Most likely, the characters "<" and ">" are processed in the ex1.js (JavaScript) file. The first step is to slightly edit the JavaScript code on the client side. To do this, I suggest using the Web Developer plugin. Go to the Sources tab and remove the code that is responsible for encoding HTML characters. Here's what we find:
Code:
var siteName = $(".ex1 input[type='text']").val().trim().replace(/</g, "&lt;").replace(/>/g, "&gt;");
var siteURL = $(".ex1 input[type='url']").val().trim().replace(/</g, "&lt;").replace(/>/g, "&gt;");

How to add payload
After removing the client-side character processing, add the following payload to the Site Name field, remembering to click on Submit:
Code:
<script>alert('Ex1')</script>

What's the bottom line? With the manipulations above, we successfully inject the payload into the page. There is only one way to defend against such attacks: user data must be verified on the server side, where the user cannot edit the check.
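What such a server-side check looks like, as an added example that is not code from the original post: the same limit and field names as the form above are enforced on the server, and the stored value is HTML-encoded when rendered, so the payload from this guide is displayed as text instead of executing. Assumed: Node.js without a framework; the request body shape is constructed for the example.

```javascript
// Server-side counterpart to the client-side check in the post (added example,
// not from the original post). Assumed: Node.js, no framework; the field names
// "name" and "url" and the 100-character limit mirror the form in the post.
const MAX_NAME_LENGTH = 100;

// Encode every character that can change HTML structure, not just < and >.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (ch) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[ch]);
}

// Validate the submitted "Site Name" on the server. Returns {ok, value|error}.
// Runs regardless of what the browser did, so removing maxsize/pattern or the
// ex1.js replace() calls in DevTools has no effect on what gets stored/rendered.
function validateSiteName(raw) {
  if (typeof raw !== "string") return { ok: false, error: "missing" };
  const name = raw.trim();
  if (name.length === 0) return { ok: false, error: "empty" };
  if (name.length > MAX_NAME_LENGTH) return { ok: false, error: "too long" };
  return { ok: true, value: name };
}

function validateSiteUrl(raw) {
  let u;
  try { u = new URL(String(raw)); } catch { return { ok: false, error: "invalid URL" }; }
  if (u.protocol !== "http:" && u.protocol !== "https:") return { ok: false, error: "scheme" };
  return { ok: true, value: u.href };
}

// Render the stored values into the page; escaping happens at output time,
// so the same stored string is safe wherever it is shown.
function renderSiteRow(name, url) {
  return `<li><a href="${escapeHtml(url)}">${escapeHtml(name)}</a></li>`;
}

// Constructed request body reproducing the post's payload after the client-side
// checks have been removed.
const submitted = { name: "<script>alert('Ex1')</script>", url: "https://example.com/" };
function handleSubmit(body) {
  const n = validateSiteName(body.name);
  const u = validateSiteUrl(body.url);
  if (!n.ok || !u.ok) return { status: 400, html: "" };
  return { status: 200, html: renderSiteRow(n.value, u.value) };
}
```

The payload is accepted as an ordinary string (it is within the length limit) but is rendered as `&lt;script&gt;...`, so the browser shows it as text; over-long names and non-http(s) URLs are rejected with a 400 regardless of what the client sent.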

Thanks for reading. Subscribe to the Levaya Simka channel, there will be a lot of interesting things ahead.