Thegooglecache.com has a write up on one way of googling for sites that have xss / html injection opportunities.
It also helps if you start adding things in the query like html tags in the url. So, for example….
inurl:”3C*3E” inurl:”font*font” -intext:3C -intext:font
or
inurl:”3C*3E” inurl:”strong*strong” -intext:3C -intext:strong
One Response to “HTML Injection - Revisited”
Leave a Reply
You must be logged in to post a comment.




[…] Well on last weeks mesothelioma case study I received this comment in my moderation cue. At first glance I just though someone was being cute by comment spamming me with an XSS attack. […]