发送<脚本>ajax 内容中的标签
我正在努力移植这个实验室: http://www .cis.syr.edu/~wedu/seed/Labs/Attacks_XSS/XSS.pdf
对于项目。然而,首先,我必须能够自己完成它。我正在尝试解决自我繁殖的蠕虫问题,但遇到了一些困难。如何通过内容发送脚本标签?如果我尝试:
var wormCode = getElementById("worm"); var escapedWorm = escape(wormCode.innerHTML); content="topicTitle=testprop&postText=&forum=3&action=ptopic"; Ajax.send(内容);
该标签脱离了它所在的更大的 javascript。我也尝试将其拆分为 :
...+"</scr"+"ipt>&...
但这不起作用。
有什么建议吗?
编辑:更新了我最近的(我希望是准确的)尝试。
I'm working on porting this lab: http://www.cis.syr.edu/~wedu/seed/Labs/Attacks_XSS/XSS.pdf
For a project. First, however, I have to be able to complete it myself. I'm trying to work out the self-propogating worm, and having some difficulties. How can I send a script tag through the content? If I try:
var wormCode = getElementById("worm"); var escapedWorm = escape(wormCode.innerHTML); content="topicTitle=testprop&postText=<script>"+escapedWorm+"</script>&forum=3&action=ptopic"; Ajax.send(content);
The tag breaks out of the larger javascript this sits in. I've also tried splitting it up as :
...+"</scr"+"ipt>&...
but this did not work.
Any tips?
edit: updated with my more recent (and I hope, accurate) attempts.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您没有转义脚本标签。
You aren't escaping the script tags.
毕竟,将结束脚本标记分成两个不同的部分最终成功了。我认为我遇到的问题是特定于浏览器的。
Splitting up the the end script tag into two different parts ended up working after all. I think that the issues I was having with it were browser-specific.