| Commonly used XSS tags.; The basic and the best. | |
|---|---|
| Topic Started: May 22 2009, 08:50 AM (96 Views) | |
| xdemo | May 22 2009, 08:50 AM Post #1 |
|
Kurikinton Fox rox my sox!
|
The 14 most commonly used injections

Once you have added the final touch to your new homepage or company's look, it is recommended to check all entry forms for script leakage. In other words, check for holes where inserted scripts can leak out and store themselves within the page. As a guideline: any HTML tags you can come up with may possibly work.

1. HTML + TEXT

If you're in a rush and you need to quickly check a page, injecting the "<PLAINTEXT>" tag will be more than enough to check if something is vulnerable to XSS by messing up the output. Forms to be checked, usually search bars and guest books. Respectively, here is a list of the most primitive HTML tags...

2. HTML + IMAGES

Images, borders, backgrounds, stylesheets and icons. The following tags and strings may possibly affect your site in unwanted ways

3. Manipulation

Re-directing a page to another co-existing "off site" page. The use of an embedded i-frame can also affect the way a page functions by using foreign scripts.

How to avoid XSS attacks.

Simply require moderation on all guestbook/feedback submission pages. This way you can look for any well known attack vectors. |
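As a companion to the post above (an added example, not part of the original post): a constructed guestbook renderer shown without and with output encoding, and the `<PLAINTEXT>` check the post describes run against both. All function names and the sample entry values are assumptions made for this illustration.

```javascript
// Added example: constructed guestbook renderer, not code from the forum post.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode the characters that let user text break out into markup.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// "Before": user-supplied values are concatenated into the page as-is.
function renderEntryRaw(name, message) {
  return '<li><b>' + name + '</b>: ' + message + '</li>';
}

// "After": every user-supplied value is encoded at output time.
function renderEntryEncoded(name, message) {
  return '<li><b>' + escapeHtml(name) + '</b>: ' + escapeHtml(message) + '</li>';
}

// True when the probe tag comes back as live (unencoded) markup.
function probeReflectedRaw(renderedHtml, probe) {
  return renderedHtml.toLowerCase().includes(probe.toLowerCase());
}

// Submit the probe through each field in turn and list the fields that leak.
function auditRenderer(render, probe = '<PLAINTEXT>') {
  const fields = ['name', 'message'];
  const leaks = [];
  fields.forEach((field, i) => {
    const args = ['guest', 'hello']; // constructed sample entry
    args[i] = probe;
    if (probeReflectedRaw(render(...args), probe)) leaks.push(field);
  });
  return leaks;
}

console.log('raw renderer leaks:', auditRenderer(renderEntryRaw));
console.log('encoded renderer leaks:', auditRenderer(renderEntryEncoded));
```

Encoding at output closes the hole for every form field at once, so it does not depend on a moderator spotting each submission.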