Reflected XSS into Javascript String - Cross Site Scripting Demonstration

preview_player
Показать описание
In this burp suite academy lab we executed a reflected cross site scripting (XSS) attack. The title of the lab is 'Reflected XSS into a JavaScript string with angle brackets HTML encoded'.

Support This Channel
======================

Please like and subscribe, it means a lot!

Please buy me a coffee so I can continue to make content.

Join our Discord

00:00 Introduction
00:16 Why 'HTML encoded'?
00:46 Arbitrary search string
01:27 Constructing injection attack
03:54 Concise payload
  1. z3nsh3ll
  2. reflected xss
  3. javascript string
  4. angled brackets HTML encoded
  5. into a javascript string
  6. reflected xss into a javascript string with angle brackets html encoded
Рекомендации по теме
Reflected XSS into 0:02:01

Reflected XSS into a JavaScript string with angle brackets HTML encoded (Video solution, Audio)

Reflected XSS into 0:05:07

Reflected XSS into Javascript String - Cross Site Scripting Demonstration

Reflected XSS into 0:02:37

Reflected XSS into a JavaScript string with angle brackets and double quotes (Video solution)

Reflected XSS into 0:06:00

Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded

Reflected XSS into 0:01:27

Reflected XSS into a JavaScript string with angle brackets HTML encoded (Video solution)

Reflected XSS into 0:03:10

Reflected XSS into a JavaScript string with single quote and ... escaped (Video solution, Audio)

Reflected XSS into 0:02:56

Reflected XSS into a JavaScript string with angle brackets ... (Video solution, Audio)

Reflected XSS into 0:00:19

Reflected XSS into a JavaScript string with angle brackets HTML encoded

Reflected XSS into 0:02:00

Reflected XSS into a JavaScript string with single quote and backslash escaped (Video solution)

PortSwigger Labs - 0:09:58

PortSwigger Labs - Reflected XSS into a JavaScript string with angle brackets HTML encoded

Reflected XSS into 0:10:29

Reflected XSS into a JavaScript String with Single Quote and Backslash Escaped

PortSwigger Labs - 0:02:55

PortSwigger Labs - Reflected XSS into a JavaScript string with single quote and backslash escaped

Reflected XSS into 0:01:40

Reflected XSS into a JavaScript string with angle brackets HTML encoded

Reflected XSS into 0:07:46

Reflected XSS into a JavaScript string with angle brackets HTML encoded - Lab#09

Reflected XSS into 0:02:07

Reflected XSS into a JavaScript string with angle brackets HTML encoded

Reflected XSS into 0:10:46

Reflected XSS into a JS string with angle brackets & ' HTML-encoded & single quotes esc...

Reflected XSS into 0:01:24

Reflected XSS into a JavaScript string with angle brackets HTML encoded

Reflected XSS into 0:06:50

Reflected XSS into a JavaScript string with single quote and backslash escaped - Lab#18

Reflected XSS into 0:06:33

Reflected XSS into a JavaScript string with angle brackets HTML encoded

Reflected XSS into 0:00:31

Reflected XSS into a JavaScript string with angle brackets HTML encoded

Reflected XSS into 0:06:17

Reflected XSS into a JavaScript string with single quote and backslash escaped | Portswigger

13.27 Lab: Reflected 0:00:57

13.27 Lab: Reflected XSS into a JavaScript string with a single quote and backslash-escaped

Reflected XSS into 0:02:47

Reflected XSS into JavaScript string angle brackts and double quots HTML-encoded sngle quotes escapd

Reflected XSS into 0:01:47

Reflected XSS into a JavaScript string with single quote and backslash escaped

Комментарии
Автор

You are gem, Thanks for the explanation!!

dipeshdarji
Автор

bro thanks ! this video is gold, learned a lot, tried by myself, understood it well so what and why not dummy putting working payload :)

BakuSec
welcome to shbcf.ru