Vulnerable InforMation And News � Blog Archive � Bypass XSS filters - security news zero-day exploit

Bypass XSS filters (Paper)##############################################Title : XSS, how to bypass filters ##Author : k3nz0 ##Contact : ##Category : Papers ##Website : k3nz0.com ###############################################################Tunisian######################################Hacker##################################################################

This lessons is devided into 3 parts :[1] Introduction[2] Types of filters[3] Conclusion

[1] Introduction :Nowadays, most of “securised” websites, make filters to don’t allow cross site scripting “injections”, however, we can bypassthese filters by using the methods shown below

[2] Types of filters :We will learn, how to bypass these xss filters : [+]Bypass magic_quotes_gpc (if it’s on ) [+]Bypass with cryption in full html [+]Bypass with Obfuscation [+]Bypass with trying around method

############################################

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950[+]Bypass magic_quotes_gpc  when magic_quotes_gpc is on, it means that the server doesn’t allow, ", / and ‘ (it depends) to bypass it we use : String.fromCharCode() We write our code, in the () crypted in ASCII exemple : String.fromCharCode(107, 51, 110, 122, 48) (Here I crypted k3nz0 in ascii : 107, 51, 110, 122, 48 And we use it : <script>String.fromCharCode(107, 51, 110, 122, 48)</script> We will see : k3nz0 We bypassed magic_quotes_gpc  #############################################  [+] Bypass with cryption in full html :  Very simple, we have to encode our code in full HTTP! Our code : <script>alert(‘i am here’)</script> And in full HTTP : %3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%27%69%20%61%6D%20%68%65%72%65%27%29%3C%2F%73%63%72%69%70%74%3E  Now, you can inject it ! Notice that you can use the tool "Coder" to do encode it in full HTTP We bypassed filter.  #############################################  [+] Bypass with Obfuscation :  Very simple too, this filter, don’t allows for exemple these words : -script -alert  to bypass it, you change "script" with for exemple "sCriPt", and "alert" with "ALerT" ! For exemple : <ScriPt>ALeRt("i am here")</scriPt> We bypassed the filter.  ##############################################  [+] Bypass with trying around method :  Generally, it is in the searchs scripts, we just add "> at the begining to close current fields : exemple : target.com/search.php?search="><script>alert("hello")</script>   We bypassed the filter.

###############################################

It was, how we can bypass xss filters, and how to inject our code This lesson is explained by k3nz0Thank you for reading

GREETZ : ALLAH ! Aymanos, v1r, kannibal615 , born to kill, & more..

################################################© Offensive Security 2010

Related Posts

this entry was posted on Sunday, November 7th, 2010 at 4:11 am and is filed under Skills and tools, skills. you can follow any responses to this entry through the RSS 2.0 feed. you can leave a response, or trackback from your own site.

Vulnerable InforMation And News » Blog Archive » Bypass XSS filters – security news zero-day exploit

bypass filters, conclusion, hacker, obfuscation, quotes