LOL, [0] is a nice example of why blacklists are no good for data validation; even worse in this example is that it tries data sanitization.
So a fuzzer (like w3af) should test each character on its own. In this case checking " ' ` \ would be sufficient.
A more sophisticated test would also try (URL-encoded examples):
    %ea%88%a2%22 %ea%9c%a7%27 %e9%b1%9c%5c
Simple, isn't it?
Achim

On 13.09.2012 21:32, Andres Riancho wrote:
> Taras,
>
> How're you doing? I hope things are well,
>
> Have you seen this? [0] Do you think it would be a good idea to
> have coverage/contexts for it?
>
> [0]
> http://nileshkumar83.blogspot.com.ar/2012/05/bypassing-xss-filter-in-alert-msg-box_18.html
>
> Regards,

_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
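
The per-character check described in the reply above, as an added example that is not part of the original thread and not w3af's own code: each payload from the post is sent alone through a filter and reported if it comes back unmodified. The filter under test (blacklist_filter), the allowlist pattern, the START/END markers and all function names are hypothetical.

```python
import re
from urllib.parse import unquote_to_bytes

# From the post: the four characters to test individually, and the URL-encoded probes.
SPECIALS = ['"', "'", "`", "\\"]
ENCODED = ["%ea%88%a2%22", "%ea%9c%a7%27", "%e9%b1%9c%5c"]


def decode(encoded):
    # Each probe decodes to one 3-byte UTF-8 character followed by one ASCII special.
    return unquote_to_bytes(encoded).decode("utf-8")


def blacklist_filter(value):
    # Hypothetical filter under test: strips only the two quote characters.
    return value.replace('"', "").replace("'", "")


def allowlist_ok(value):
    # Assumed alternative: accept only known-good characters, reject everything else.
    return re.fullmatch(r"[A-Za-z0-9 _.-]{1,64}", value) is not None


def passes_unchanged(sanitize, payloads):
    """Return the payloads that come out of `sanitize` unmodified.

    Each payload is sent alone between two markers, so one filtered
    character cannot mask another that gets through.
    """
    survivors = []
    for payload in payloads:
        probe = f"START{payload}END"
        if sanitize(probe) == probe:
            survivors.append(payload)
    return survivors


def report():
    payloads = SPECIALS + [decode(e) for e in ENCODED]
    return {
        "blacklist_survivors": passes_unchanged(blacklist_filter, payloads),
        "allowlist_accepted": [p for p in payloads if allowlist_ok(p)],
    }


if __name__ == "__main__":
    for name, values in report().items():
        print(name, [v.encode("unicode_escape").decode() for v in values])
```

Against this constructed filter the backtick, the backslash and the third encoded probe pass through untouched, while the allowlist accepts none of the payloads.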