Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v1.5] Parameter Analysis Improvements #60

Open
6 tasks
hahwul opened this issue Feb 25, 2020 · 0 comments
Open
6 tasks

[v1.5] Parameter Analysis Improvements #60

hahwul opened this issue Feb 25, 2020 · 0 comments
Labels
plan
Milestone
v1.5

Comments

@hahwul
Copy link
Owner

hahwul commented Feb 25, 2020
edited
Loading

  • Check Base64 Reflection
request 
PHN2Zy9vbmxvYWQ9YWxlcnQoNDUpPg==

return 
<svg/onload=alert(45)>

=> found!
  • Check Base64 Decode Reflection
  • Check HTML Hex Decode Reflection (from Add pattern #62)
  • Check HTML Entity reflection (from Add pattern #62)
  • Add percent of reflected
request
<svg/onload=alert(45)>

response
<svg/onload=alert45>

=> 90%
  • Minning parameters from http response(input, js var)
@hahwul hahwul added the plan label Feb 25, 2020
@hahwul hahwul added this to the v1.5 milestone Feb 25, 2020
@hahwul hahwul mentioned this issue Feb 25, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
plan
Projects
None yet
Milestone
v1.5
Development

No branches or pull requests
1 participant
@hahwul