Hi Peter,
First of all, your books are just awesome!

I got an idea to improve this script, and I would like to get your feedback on it. If we could somehow have the reddit users' filters that have been bypassed by their evasion methods, we could simply, using some regex, directly get a working bypass method.

Let me explain. Let's say that reddit_xss.py takes one argument, which is the filtered payload, like:

reddit_xss.py >script<alert(1)>script< (it is just a non-accurate example)

By using a simple grep on the output_xss with some regex operations to ignore the payload used in arg[1], we might be able to find an occurrence of the same filter. Therefore, if the reddit user posted his bypass alongside the filter, for us it would be game over.

XSS evasion made trivial thanks to crowd-sourcing. :)

Sorry if I haven't been very clear, English is not my native tongue.
Best regards, Alexandre