Hi, all!
JFYI: currently I'm working on optimize xss&contect code to pass wavsep
unittests. One of problems to solve now is double context (How may of
you watched Inception movie [0]? :):
<html>
<input type="button" value="ClickMe" onClick="var
customerName='PAYLOAD'">
</html>
As you see here JS context is inside HTML attribute (JS event handler)
onlick.
[0] http://www.imdb.com/title/tt1375666/
--
Taras
http://oxdef.info
GPG: C8D1F510
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
W3af-develop mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-develop
