In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
Note: this article describes the general xss injection method and verification method, and does not cover all xss cases.
Step 1: enter the following injected characters in any input box
> "'> alert (XSS)
> "'>
1234alert ("123456")
& {alert (123456)}
>% 22% 27 >
[rm] ">
[/ rm]
\ u003cimg src=1 onerror=alert (/ xss/)\ u003e
\ x20\ x27onclick\ x3dalert\ x281\ x29\ x3b\ x2f\ x2f\ x27
Step 2: after the submission is successful, view the page source code on the page where the parameters are read, and search for the injection just entered.
That is, if you submit it on [A page], you need to search for the source code on [B page] where you can view the content submitted on page A.
For example, enter > "'> alert (123456) in the input box of [A page]. After the submission is successful, search for" 123456 "on [B page].
Step 3: view the page source code
Case 1: see the source code of the page is
There is a xss problem
Parsing: the page does not put characters. "
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
