I am using OWASP ZAP D-2017-02-27 to discover vulnerabilities in the site I am building.
I would like to access a URL that is not encoded and check if XSS has occurred.
I added JavaScript to Active Rules because I wanted to make an access with specific parameters that I couldn't detect by the behavior of XSS as specified in OWASP ZAP, but the parameter values were URL-encoded and XSS did not occur. It has been confirmed in IE11 that XSS occurs with an equivalent access, so we would like to detect this in OWASP ZAP. I am troubled because I do not know much about Java/JavaScript.
Please help me.
http://localhost/app/index.html?cc=aaa
http://localhost/app/index.html?cc=aaa>"><script>alert(1)</script>;
I would like to have access that
uri=msg.getRequestHeader().getURI();
query=uri.getQuery()+'>"><script>alert(1)</script>';
uri.setQuery(query);
With my knowledge of Java/JavaScript, I think the parameters are encoded when I create the uri, but is there any way to access it without encoding the URL?
If you set the second argument to true in the new URI part, the script will drop.
https://localhost/app/index.html?cc=aaa%3E%22%3E%3Cscript%3Ealert(1)%3C/script%3E
That's all. I look forward to your kind cooperation.
Refactored and reprinted the code.
I checked uri's class with the code below and found that it was org.apache.commons.httpclient.URI.
println(uri.getClass());
uri.setQuery(query);
↓
uri.setEscapedQuery(query);
Will it not work?
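To interpret what comes back when the scanner's request is URL-encoded, the following added example (not part of the original question or answer, and not ZAP code) classifies how the payload appears in a response body. The function names and sample bodies are constructed for illustration, and the percent-encoding rule is an assumption taken from the single encoded URL shown in the question.

```javascript
// Added example: names and sample bodies below are constructed, not from ZAP.
const PAYLOAD = '>"><script>alert(1)</script>'; // payload from the question

// Percent-encode the way the question's resulting URL shows: <, > and "
// become %XX while ( ) / are left alone. Assumption drawn from that one URL.
function urlEncodedForm(payload) {
  return payload.replace(/[<>"]/g, function (c) {
    return '%' + c.charCodeAt(0).toString(16).toUpperCase();
  });
}

// Minimal HTML escaping, the form a correctly encoding page would emit.
function htmlEscapedForm(payload) {
  return payload.replace(/&/g, '&amp;').replace(/</g, '&lt;')
    .replace(/>/g, '&gt;').replace(/"/g, '&quot;');
}

// 'raw'          payload is live markup in the response
// 'html-escaped' page encoded it on output
// 'url-encoded'  page echoed the query string without decoding it
// 'absent'       payload not reflected in any of these forms
function classifyReflection(payload, body) {
  if (body.indexOf(payload) !== -1) return 'raw';
  if (body.indexOf(htmlEscapedForm(payload)) !== -1) return 'html-escaped';
  const enc = urlEncodedForm(payload).toLowerCase(); // hex case may differ
  if (body.toLowerCase().indexOf(enc) !== -1) return 'url-encoded';
  return 'absent';
}

// Constructed response bodies for the cc parameter.
const SAMPLES = {
  raw: '<input name="cc" value="aaa' + PAYLOAD + '">',
  escaped: '<input name="cc" value="aaa' + htmlEscapedForm(PAYLOAD) + '">',
  echoed: '<a href="/app/index.html?cc=aaa%3e%22%3e%3cscript%3ealert(1)%3c/script%3e">x</a>',
  none: '<p>no parameter shown</p>'
};

Object.keys(SAMPLES).forEach(function (k) {
  console.log(k + ': ' + classifyReflection(PAYLOAD, SAMPLES[k]));
});
```

A `url-encoded` result means the page writes the query string back without decoding or HTML-escaping it, which is consistent with markup that only becomes live when the request carries the characters unescaped, as the question reports for IE11; HTML-escaping the value on output addresses both cases.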