Jump to content
Gonzalez

Bypass XSS filters (Paper)

Recommended Posts

Posted

#############################################

#Title : XSS, how to bypass filters #

#Author : k3nz0 #

#Contact : o9p@hotmail.fr #

#Category : Papers #

#Website : k3nz0.com #

#############################################

#################Tunisian####################

##################Hacker#####################

#############################################

This lessons is devided into 3 parts :

[1] Introduction

[2] Types of filters

[3] Conclusion

[1] Introduction :

Nowadays, most of "securised" websites, make filters to don't allow cross site scripting "injections", however, we can bypass

these filters by using the methods shown below :)

[2] Types of filters :

We will learn, how to bypass these xss filters :

[+]Bypass magic_quotes_gpc (if it's on )

[+]Bypass with cryption in full html

[+]Bypass with Obfuscation

[+]Bypass with trying around method

############################################

[+]Bypass magic_quotes_gpc

When magic_quotes_gpc is on, it means that the server doesn't allow, ", / and ' (it depends)

to bypass it we use :

String.fromCharCode()

We write our code, in the () crypted in ASCII

exemple :

String.fromCharCode(107, 51, 110, 122, 48)

(Here I crypted k3nz0 in ascii : 107, 51, 110, 122, 48

And we use it :

<script>String.fromCharCode(107, 51, 110, 122, 48)</script>

We will see : k3nz0

We bypassed magic_quotes_gpc :)

#############################################

[+] Bypass with cryption in full html :

Very simple, we have to encode our code in full HTTP!

Our code : <script>alert('i am here')</script>

And in full HTTP :

%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%27%69%20%61%6D%20%68%65%72%65%27%29%3C%2F%73%63%72%69%70%74%3E

Now, you can inject it :) !

Notice that you can use the tool "Coder" to do encode it in full HTTP

We bypassed filter.

#############################################

[+] Bypass with Obfuscation :

Very simple too, this filter, don't allows for exemple these words :

-script

-alert

To bypass it, you change "script" with for exemple "sCriPt", and "alert" with "ALerT" !

For exemple :

<ScriPt>ALeRt("i am here")</scriPt>

We bypassed the filter.

##############################################

[+] Bypass with trying around method :

Generally, it is in the searchs scripts, we just add "> at the begining to close current fields :

exemple :

http://target.com/search.php?search="><script>alert("hello")</script>

We bypassed the filter.

###############################################

[3] Conclusion :

It was, how we can bypass xss filters, and how to inject our code :)

This lesson is explained by k3nz0

Thank you for reading

GREETZ : ALLAH ! Aymanos, v1r, kannibal615 , born to kill, & more..

################################################

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...