[Network Security] xss-labs level-15 problem solving detailed analysis



Approach

Backend logic code:

[Image: screenshot of the backend code]

Notice that line 9 has an ng-include attribute.


ng-include directive

ng-include is a directive in the AngularJS framework for including external files or fragments in HTML pages. With ng-include, you can dynamically insert the content of an external HTML file into the current HTML page.

Here is the basic usage of ng-include:

  1. Where an external file needs to be included, use the ng-include directive and assign the path of the file to be included as the directive's attribute value.
<div ng-include="'path/to/file.html'"></div>

Note that the file path must be enclosed in single or double quotes.

  2. You can use scope variables as part of the file path for dynamic inclusion.
<div ng-include="dynamicPath"></div>

In the controller, set the dynamicPath variable to the path of the file to include.

$scope.dynamicPath = 'path/to/file.html';

This way, when the value of dynamicPath changes, the included file contents are automatically updated.

Note that the ng-include directive loads the external file through a browser XHR request. Therefore, the included file must be accessible on the server.


Therefore, construct an XSS payload by passing a value in the src parameter so that ng-include loads the level1.php file, and the injected markup executes in that included file.

POC:

'level1.php?name=<img src=1 onerror=javascript:alert("qiushuo")>'

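The defensive counterpart to the approach above, as an added example that is not part of the original post or the lab's code: it contrasts escaping a request value that becomes the ng-include expression with resolving that value through a server-side allowlist. It assumes the request value reaches the ng-include expression; TEMPLATES, its keys and its paths are hypothetical.

```javascript
// Added example, not the lab's code. TEMPLATES, its keys and paths are hypothetical.
const TEMPLATES = Object.freeze({
  welcome: 'partials/welcome.html',
  help: 'partials/help.html',
});
const DEFAULT_KEY = 'welcome';

const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeAttr = (s) => String(s).replace(/[&<>"']/g, (c) => ENTITIES[c]);

// What the HTML parser hands to AngularJS: attribute entities are decoded
// before the ng-include expression is evaluated.
const DECODE = { '&amp;': '&', '&lt;': '<', '&gt;': '>', '&quot;': '"', '&#39;': "'" };
const browserDecode = (s) => s.replace(/&(?:amp|lt|gt|quot|#39);/g, (e) => DECODE[e]);

// Weak pattern: the request value becomes the ng-include expression itself.
// Escaping keeps the HTML well-formed but does not restrict which URL is fetched.
function weakExpression(param) {
  const attr = escapeAttr(param);   // what the server writes into the page
  return browserDecode(attr);       // what AngularJS evaluates
}

// Hardened pattern: the request value is only a lookup key; the path is a
// server-side constant, so no client-chosen URL or query string reaches ng-include.
function resolveTemplate(param) {
  const key = String(param ?? '').trim();
  const known = Object.prototype.hasOwnProperty.call(TEMPLATES, key);
  return { ok: known, path: TEMPLATES[known ? key : DEFAULT_KEY] };
}

function renderInclude(param) {
  const { path } = resolveTemplate(param);
  return `<div ng-include="'${escapeAttr(path)}'"></div>`;
}

// Constructed sample input, shaped like the src value discussed above.
const SAMPLE = "'level1.php?name=<b>marker</b>'";
console.log(weakExpression(SAMPLE));   // unchanged after the escape/decode round trip
console.log(renderInclude(SAMPLE));    // falls back to the default template
console.log(renderInclude('help'));
```

The round trip in weakExpression shows why HTML-escaping alone does not close this path: the included URL and its query string still come from the client.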


Summary

The above is the detailed analysis of [Network Security] xss-labs level-15 problem solving, and the detailed analysis of [Network Security] xss-labs level-16 problem solving will be shared later.

I am Qiu said, see you next time.


Origin blog.csdn.net/2301_77485708/article/details/132105826