XSS Filter는 XSS 공격을 해볼 수 있는 곳입니다. 소스도 공개되어있습니다. 재미있는 것은 보통 XSS는 blacklist 문자를 지정하기 보다는 whitelist 문자를 지정하는 것으로 막는데, 이 곳은 블랙 리스트를 강화하는 노력을 하고 있다는 점입니다.
그런데, 과연 현재 소스 상태에서 또 뚫을 수 있을 것인지?
XSS filter to protect from XSS attacks
Tags:
Comments
One response to “XSS filter to protect from XSS attacks”
-
I’m aware of a person who’s trying to run XSS code to this article. As I’m using wp capcha-free, I’m pretty much sure that the person is using a browser which enabled javascript, i.e., it’s very unlikely that it is a machine.
I warn you not to do that anymore. Don’t make me pissed off. Otherwise, I’ll track you down by every knowledge that I know of to find out who you really are. Try proxy or whatever method you know of. I’ll still find you. You once revealed yourself carelessly, and I already have two records of IP addresses and logs. And your ISP have them as well.
Be warned that even a simple inspection of a website is not allowed in Korea, and what you’re doing constitutes a crime.
Leave a Reply