stamparm / DSXS

Damn Small XSS Scanner
424 stars 127 forks

Can you support finding XSS in href? #6

Closed wilson9x1 closed 6 years ago

wilson9x1 commented 6 years ago

Can you support finding XSS in href?

e.g.:

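<?php
// Deliberately vulnerable: entity-encoding ", > and < does not stop a javascript: URL in href.
$input = str_replace("\"", "&quot;", $_GET['xss']);
$input = str_replace(">", "&gt;", $input);
$input = str_replace("<", "&lt;", $input);
// The value is written at the start of the href, so the request chooses the URL scheme.
echo '<a href="';
print($input);
echo '">click</a>';
?>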

http://127.0.0.1/2.php?xss=javascript:alert(1): when you click it, it will have an XSS vulnerability.

But DSXS can't find this.

stamparm commented 6 years ago

Can't implement because of one simple reason. If you take a look into payloads being sent, you'll see that they look "inconspicuous". This project has been used as part of one larger (prototype) project where the original idea has been to send as less non-offensive looking payloads.
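The case raised in this issue can be checked from the response alone, by testing whether a harmless marker is reflected at the very start of a URL-valued attribute, which means the request controls the link's scheme. The following is an added example, not DSXS code and not from either commenter; the marker value, the attribute list, and the names `scheme_controlled` and `render_like_issue` are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Attributes whose value a browser treats as a URL (short list, not exhaustive).
URL_ATTRS = {"href", "src", "action", "formaction"}

# Constructed, harmless probe; the colon shows whether a scheme separator survives.
MARKER = "zqprobe:7f3a"


class UrlContextFinder(HTMLParser):
    """Record (tag, attribute) pairs whose URL value begins with the marker."""

    def __init__(self, marker):
        super().__init__(convert_charrefs=True)
        self.marker = marker.lower()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            # Input at the very start of a URL attribute decides the scheme.
            if name in URL_ATTRS and value and value.strip().lower().startswith(self.marker):
                self.hits.append((tag, name))


def scheme_controlled(html, marker=MARKER):
    """Return the (tag, attribute) pairs where the marker leads a URL value."""
    finder = UrlContextFinder(marker)
    finder.feed(html)
    finder.close()
    return finder.hits


def render_like_issue(value):
    """Python stand-in for the PHP in the issue: entity-encodes ", > and <, same template."""
    value = value.replace('"', "&quot;").replace(">", "&gt;").replace("<", "&lt;")
    return '<a href="' + value + '">click</a>'


if __name__ == "__main__":
    # Constructed sample responses: the issue's template, a fixed-prefix link, body text.
    print(scheme_controlled(render_like_issue(MARKER)))
    print(scheme_controlled('<a href="/go?next=' + MARKER + '">click</a>'))
    print(scheme_controlled("<p>" + MARKER + "</p>"))
```

A hit means the output needs a scheme allowlist (for example only `http` and `https`) in addition to entity encoding; a marker reflected after a fixed prefix or in body text is not reported by this check.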