Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apply XSS payload at Directory/File name instead of Parameter #424

Open
sn1p3rt3s7 opened this issue Feb 28, 2025 · 0 comments
Open

Apply XSS payload at Directory/File name instead of Parameter #424

sn1p3rt3s7 opened this issue Feb 28, 2025 · 0 comments

Comments

@sn1p3rt3s7
Copy link

I have encountered an Content Spoofing in a major website. The website reflects the text inserted after the first fwd slash.
e.g example.com/[dot]content_reflected_on_page
This is reflected on language dropdown section of the page. So I assume the value with dot is considered as a language file.

  • example.com/de - displays the page in german, shows de at language dropdown.
  • example.com/det - Error page, no reflection
  • example.com/anything.visit example.com - displays anything.visit example.com at language dropdown.

However I am not able to break out of the tag. Single, double qoute, gt, lt symbols are encoded before displaying.
Which led me to thinking of trying this on automated tool. But I noticed that the tool allows only injection of payload at parameters.

Solution:

  • Add option e.g. -keyword to implement injection of payload at the position of choice using keyword like XSStrike ( like FUZZ keyword in FFUF tool).
  • Also an option to inform the tool to include a character ( in this case, dot ) mandatorily.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sn1p3rt3s7