0x22bb
/
hacktricks
mirror of https://github.com/carlospolop/hacktricks.git
1
2
Fork 0
Code Releases Activity

GitBook: [#3606] No subject

This commit is contained in:
CPol 2022-10-16 14:05:57 +00:00 committed by gitbook-bot
parent 0c112f832b
commit f426de8b62
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pentesting-web/unicode-injection/unicode-normalization.md
View File

@ -80,6 +80,10 @@ Then, a malicious user could insert a different Unicode character equivalent to
%ef%bc%82+%ef%bd%9c%ef%bd%9c+%c2%b9%e2%81%bc%e2%81%bc%c2%b9%ef%bc%8f%ef%bc%8f
```
#### sqlmap template
{% embed url="https://github.com/carlospolop/sqlmap_to_unicode_template" %}
### XSS (Cross Site Scripting)
You could use one of the following characters to trick the webapp and exploit a XSS: