-
-
[翻译]XSS注入检测
-
发表于:
2010-7-20 23:16
2521
-
XSS locator 2. If you don't have much space and know there is no vulnerable JavaScript on the page, this string is a nice compact XSS injection check. View source after injecting it and look for <XSS verses <XSS to see if it is vulnerable
XSS定位2如果你没有时间,要想知道某一个网页上是否存在脆弱的javascript 脚本,此字符串是一个不错的小巧的XSS注入检查,注射后查看代码。并寻找<xss的语句> 看看他是否存在有注入的跨站脚本 (英语不太好。大体是这样的意思~希望大家见量)
'';!--"<XSS>=&{()}
浏览器支持:[IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
[课程]Android-CTF解题方法汇总!
