How do I bypass a regex filter that filters all html to avoid xss?



  • How do I bypass a regex filter that filters all html to avoid xss? I've tried using things like <img src="aa" onerror="alert(1)"> but still no luck. This is for a CTF challenge btw.

    The regex is:

    <[\s\S]*>
    

    and the validator is running on a TypeScript server



  • https://owasp.org/www-community/xss-filter-evasion-cheatsheet has a section on alternative characters to <. Here is a summary:

      • %3C
      • &#60, &#060, &#0060, &#00060, &#000060, &#0000060

    (and try with a ; on the end)

    Also, variations on the same zero padding theme above but with hex:

      • &#x3c, &#X3c, &#x3C, &#X3C

    And:

      • \x3c, \x3C, \u003c, \u003C
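Seen from the validator's side, as an added example that is not part of the original posts or the challenge's code: the regex from the question only sees a literal `<`, so the encoded forms listed above pass it unchanged, and a server-side check has to canonicalize input before matching and HTML-encode on output. The function names and `SAMPLES` are hypothetical; the sample strings are constructed from the answer's list.

```typescript
// Added example. PAGE_FILTER is the regex quoted in the question.
const PAGE_FILTER = /<[\s\S]*>/;

// BMP only, which is enough for markup characters; anything larger becomes U+FFFD.
const chr = (n: number): string => (n <= 0xffff ? String.fromCharCode(n) : "\ufffd");
const hex = (_m: string, h: string): string => chr(parseInt(h, 16));
const dec = (_m: string, d: string): string => chr(parseInt(d, 10));

// Decode one layer of each encoding family listed in the answer.
function decodeOnce(s: string): string {
  return s
    .replace(/%([0-9a-fA-F]{2})/g, hex)               // %3C
    .replace(/&#[xX]0*([0-9a-fA-F]{1,6});?/g, hex)    // &#x3c, &#X3C, optional ';'
    .replace(/&#0*([0-9]{1,7});?/g, dec)              // &#60 ... &#0000060, optional ';'
    .replace(/\\x([0-9a-fA-F]{2})/g, hex)             // \x3c
    .replace(/\\u([0-9a-fA-F]{4})/g, hex);            // \u003c
}

// Repeat until the string stops changing (bounded), so nested encodings collapse too.
function canonicalize(input: string): string {
  let cur = input;
  for (let i = 0; i < 5; i++) {
    const next = decodeOnce(cur);
    if (next === cur) break;
    cur = next;
  }
  return cur;
}

// The check as described in the question: regex on the raw input.
function pageFilterRejects(input: string): boolean {
  return PAGE_FILTER.test(input);
}

// Same regex, applied to the canonical form instead.
function hardenedRejects(input: string): boolean {
  return PAGE_FILTER.test(canonicalize(input));
}

// Output encoding: the control that holds regardless of what the input filter missed.
function escapeHtml(s: string): string {
  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")
          .replace(/"/g, "&quot;").replace(/'/g, "&#39;");
}

// Constructed samples: a harmless <i> tag written in each form from the answer.
const SAMPLES: string[] = ["%3Ci%3E", "&#60i&#62", "&#0000060;i&#0000062;",
                           "&#x3ci&#X3E", "\\x3ci\\x3e", "\\u003ci\\u003e"];
```

Whether any of these forms is ever interpreted as markup depends on a later layer decoding it, which is why `escapeHtml` at the point of output matters more than the input filter.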
