Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

XSS into Java Script

Dany Jan 12, 2020 07:26AM UTC

Hello, I have a question again. About context into JavaScript, "Terminating the existing script" I understood. The question appears when I go to the lab for practice, >>Reflected XSS into a JavaScript string with single quote and backslash escaped<<, I did it well, but in solutions, I saw a small thing, but I didn't understand it well. So we have to send a random alphanumeric string and after we see it is reflected inside a JS string. After, here is the question, we try to submit "test'payload" and we can observe that single quote gets backslash escaped. i read about escape, what it is for, and understood. But we can try to terminate the tag and introduce a new one without sending this payload, can't we?! Why should we send this particular payload, what does this allow us to see in terms of vulnerability search??
Sorry because my English isn't very good, I hope you got what I mean. Thanks)))))))

Ben Wright Jan 13, 2020 11:32AM UTC Support Center agent


This particular payload is sent in order to identify that character escaping is being used within this particular environment. You could, of course, jump straight to sending the payload that terminates the existing script tag and introducing our own but the labs are really designed to give you experience of various different scenarios that you might face in the real world. This will allow you to adopt a methodology to follow in order to be able to identify and exploit XSS vulnerabilities in a whole range of different environments.

Please let us know if you require any further information.

Post Your public answer

Your name
Your email address