Wednesday 20 April 2011

XSS - Escaping Escapes

Sometimes a server will escape special characters that are injected. For instance, injecting a " character and having it reflect as \":

Injection: xss"
Reflection:
x="xss\"";y=42;

Fail.

Sometimes, ironically enough, you can outsmart filters by using their own tricks against them. Try escaping their escape character like this:
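
Injection: xss\"
Reflection:
x="xss\\"";y=42;

Success! The injected backslash pairs with the backslash the filter added, so the quote that follows is no longer escaped and closes the string.
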
However, if the
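
The two reflections above, checked in code. This is an added example, not part of the original post: it compares the quote-only filter with an encoder that also escapes the backslash. All function names are hypothetical, and the `\uXXXX` encoder is one common hardening, not something the post prescribes.

```javascript
// Added example: the template mirrors the post's reflection x="...";y=42;
// Every function name below is hypothetical.

// Flawed filter described in the post: escapes the quote, not the backslash.
function escapeQuotesOnly(input) {
  return input.replace(/"/g, '\\"');
}

// Hardened encoder (assumed approach): every character that could end the
// string literal or the surrounding <script> block becomes a \uXXXX escape,
// the backslash included, so no input can pair up with the filter's output.
function escapeForJsString(input) {
  return input.replace(/[\\"'<>&\r\n\u2028\u2029]/g, (ch) =>
    '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Build the reflected script fragment the way the page in the post does.
function reflect(escape, input) {
  return 'x="' + escape(input) + '";y=42;';
}

// Index of the double quote that closes the literal opened at openIdx,
// honouring backslash escapes the way a JavaScript parser does.
function closingQuoteIndex(src, openIdx) {
  for (let i = openIdx + 1; i < src.length; i++) {
    if (src[i] === '\\') { i++; continue; } // skip the escaped character
    if (src[i] === '"') return i;
  }
  return -1;
}

// True when all of the escaped input stays inside the string literal,
// i.e. the literal closes exactly where the template's own quote sits.
function staysInsideLiteral(escape, input) {
  const src = reflect(escape, input);
  const open = src.indexOf('"');
  const expectedClose = open + 1 + escape(input).length;
  return closingQuoteIndex(src, open) === expectedClose;
}

// The two inputs from the post, run through both encoders.
for (const input of ['xss"', 'xss\\"']) {
  console.log(JSON.stringify(input),
    'quote-only:', staysInsideLiteral(escapeQuotesOnly, input),
    'hardened:', staysInsideLiteral(escapeForJsString, input));
}
```

A `false` result means the string literal closed early and part of the input would be parsed as script, which is the condition a regression test for the output encoder should fail on.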
