web-sec-interview

Information Security Industry Practitioners (Web Security / Penetration Testing) Interview Questions 1.1


<a href="https://xz.aliyun.com/t/265/">My Way of WafBypass (SQL Injection)</a><br />
<a href="https://xz.aliyun.com/t/337/">My Way of WafBypass (Upload)</a><br />
<a href="https://xz.aliyun.com/t/265/">My Way of WafBypass (Misc)</a><br />

  1. Close the executable file.
  2. Disable "FileSystemObject" to effectively control the spread of VBS viruses. To do so, run the command regsvr32 scrrun.dll /u, which disables the file system object.
  3. Open the browser's security settings.
    • If you are given a blind XSS vulnerability, but the information returned shows that the target's admin back end is on the intranet and can only be accessed from the intranet, how do you use this XSS?

    GitHub has some ready-made XSS scripts for scanning intranet ports that can be used for reference. The XSS is then used further according to what is detected, such as an open Redis service, whose vulnerability can then be used to get a shell.

    • How do you prevent XSS vulnerabilities? How is it done on the front end, how is it done on the back end, which is the better place, and why?
    • How do you detect XSS vulnerabilities in black-box testing?

<video onerror=alert(1)><source>
<video><source onerror="javascript:alert(1)"
<video src=".." onloadedmetadata="alert(1)" ondurationchanged="alert(2)" ontimeupdate="alert(3)"></video>
<video><source onerror="javascript:alert(1)">
<video poster="javascript:alert(1)">
</code>