RE: XSS Testing

["Mike Andrews" <mike () se fit edu>]

Hi PenTest Guy,

This questions has been asked before on this list, so rather than go into
details, let's just point back to an old post...

http://seclists.org/lists/webappsec/2002/Oct-Dec/0247.html

There's various "ultimate string collections" and articles linked from this
thread - I hope that it satisfies your question.

Cheers,
Mike.

---
Mike Andrews
Florida Institute of Technology


> -----Original Message-----
> From: PenTest Guy [mailto:pentestguy () hotmail com]
> Sent: Friday, September 17, 2004 11:26 AM
> To: webappsec () securityfocus com
> Subject: XSS Testing
>
> I'm testing a web application.  Previously, I had found XSS using a
> standard
> variant: <scr1pt>al3rt('XSS')</scr1pt> (note used 3 for e and 1 for i as
> to
> not cause any problems).  I also URL encoded this same variant and it
> worked
> as well.  So I told them how to fix it (filtering out malicious
> characters,
> encoding, etc. on the server side) and it seems fixed now.  I was just
> curious if there is any other way to manipulate the same variant, such as
> other encoding schemes, that might bypass the protections I recommended.
>
> Thanks.
>
> _________________________________________________________________
> Don't just search. Find. Check out the new MSN Search!
> http://search.msn.click-url.com/go/onm00200636ave/direct/01/