Http://blog.sina.com.cn/s/blog_68d342d90100nh7b.html
Today I was looking at a station and stumbled across an XSS loophole, pay attention to the next URL form, and then Google, it does not cost what strength to get a large number of the site of XSS vulnerabilities, just today nothing, I also have to write something to my blog, or it will be the search engine punishment ...
Here, briefly on how to look for XSS vulnerabilities, generally, when I browse the site, I found that there are characters in the URL or with a percent of the URL encoding, I will add:
<script>alert (' Silic ') </script>
To test the URL for an XSS vulnerability, I said the two cases are as shown in the figure:
In addition, this may be the case when exploiting an XSS vulnerability:
This situation is because the Web site hangs a generic anti-injection program, prohibit the submission of single quotes, we only need to change the single quotation mark in the test statement to double quotes, namely:
<script>alert ("Silic") </script>
As for the usefulness of XSS vulnerabilities, it depends on their own skills, as for the transfer of non-persistent XSS for persistent XSS and so on, it depends on personal thinking, here is not much to say.
In addition, in my blog, there is a special XSS vulnerability collection published articles, interested can go to see,
Http://blog.sina.com.cn/s/blog_68d342d90100m3v8.html
A little bit of experience, Google search "inurl: ' product.asp?" Bigclassname ' "
Out of the results, 10 of the eight have XSS ...
End