
This is my XSS hack servlet

/**
 * Demonstration servlet from a write-up about cross-site scripting (XSS).
 *
 * <p>Only the beginning of the class is visible in this listing: {@code doPost} is cut off
 * in the middle of its first {@code append} call. The comments below describe what the
 * visible lines do and mark everything else as an open question for the reviewer.
 */
public class SimpleServletXSS extends HttpServlet {
    // Serialization version id; HttpServlet is Serializable, so the class declares one.
    private static final long serialVersionUID = 1L;

    /**
     * Handles GET requests by delegating to {@link #doPost}, so both verbs run the same
     * page-building code.
     *
     * <p>NOTE(review): because GET shares the POST handler, any request parameter that
     * doPost reads could also arrive in a URL query string. Whether doPost reads or echoes
     * parameters is not visible in this excerpt - confirm against the full listing.
     *
     * @param request  the incoming request, passed through unchanged
     * @param response the response, passed through unchanged
     * @throws ServletException propagated from doPost
     * @throws IOException      propagated from doPost
     */
    @Override
    public void doGet(final HttpServletRequest request, final HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request, response);
    }

    /**
     * Starts building an HTML page in a string buffer. The visible part emits a form that
     * posts back to this servlet with a single textarea named {@code hack1}.
     *
     * <p>NOTE(review): the listing ends before the buffer is written to the response and
     * before any use of {@code method} or of the submitted {@code hack1} value. If the
     * remainder copies the submitted value back into the page, it must be output-encoded
     * for the HTML context it lands in before being appended - TODO confirm.
     *
     * @param request  the incoming request; only getMethod() is called in the visible lines
     * @param response the response; not touched in the visible lines
     * @throws ServletException declared by the signature; no visible line throws it
     * @throws IOException      declared by the signature; no visible line throws it
     */
    @Override
    public void doPost(final HttpServletRequest request, final HttpServletResponse response)
            throws ServletException, IOException {
        // Accumulates the page markup. StringBuffer is the synchronized variant; a purely
        // local buffer like this one does not need that (StringBuilder would also work).
        final StringBuffer buf = new StringBuffer();
        // HTTP verb of the current request; its use lies beyond the end of this excerpt.
        final String method = request.getMethod();
        // Static page skeleton: head, body, and a form that posts to 'SimpleServletXSS'.
        // The sample text inside the textarea is written with &lt; / &gt; entities, so a
        // browser shows it as literal text in the box instead of parsing it as markup.
        // The string literal and the statement continue past the end of this excerpt.
        buf.append("<html><head>\n<!-- HEAD -->\n</head>\n <body> <br /> <form method='post' action='SimpleServletXSS'>\n<textarea cols='40' rows='5' name='hack1'> &lt;script&gt; alert(\"