
XSS : Get string without quote

2 January 2017, 14:44, by Georges Michel (1 message)


Happy new year 2017 :)

Yesterday I was stuck when I DOM-based XSSed a website which removes quotes, double-quotes, parentheses and back-ticks.
I don’t know if the trick is obvious because I didn’t search, but I found a pretty use of the JavaScript RegExp short notation.

I haven’t yet found a solution without using parentheses or back-ticks :-( but I found some funny things that I am going to show you.

The main idea is to use the implicit cast of a shortened RegExp notation:

In order to instantiate the string "/test/g".
However, if we want to use it, we need to remove the starting char "/" and ending chars "/g" like this:

Let’s play:

Above, note that the double backslashes ("\\") avoid a syntax error, and they will be replaced by "//" in the location value.
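For anyone reviewing such a filter, here is an added example (not the author's code) that models the character-stripping described above and checks which expressions still evaluate to a string afterwards. The names `stripFilter`, `allowList`, `evaluate` and `audit`, the sample inputs, the `+[]` and `.source` forms (standard JavaScript, chosen here) and the allow-list pattern are all assumptions made for the illustration.

```javascript
// Constructed model of the filter the post describes: it deletes ' " ( ) and `.
const stripFilter = (input) => input.replace(/['"()`]/g, "");

// Allow-list alternative. Assumption: the sink only needs an identifier-like value.
const allowList = (input) => (/^[A-Za-z0-9_-]{1,64}$/.test(input) ? input : null);

// Evaluate an expression as a script-executing sink would (demo only, local strings).
function evaluate(expr) {
  try {
    return { ok: true, value: new Function("return (" + expr + ");")() };
  } catch (e) {
    return { ok: false, error: e.name };
  }
}

// For each candidate, record what the deny-list filter leaves behind and
// whether the leftover expression still produces a string value.
function audit(candidates) {
  return candidates.map((expr) => {
    const filtered = stripFilter(expr);
    const result = evaluate(filtered);
    return {
      expr,
      filtered,
      unchanged: filtered === expr,
      yieldsString: result.ok && typeof result.value === "string",
      value: result.ok ? result.value : null,
      allowListed: allowList(expr) !== null,
    };
  });
}

// Constructed inputs: a quoted literal, the implicit cast of a regex literal,
// and the regex body without its delimiters and flags.
const SAMPLES = ['"test"', "/test/g+[]", "/test/g.source"];

for (const row of audit(SAMPLES)) {
  console.log(row.expr, "->", row.filtered, "| string:", row.yieldsString,
    "| value:", row.value, "| allow-list:", row.allowListed);
}
```

The quoted literal is broken by the filter, while both regex forms pass through unchanged and still yield strings; only the allow-list rejects all three.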

