XSS-Auditor — the protector of unprotected

and the deceiver of protected.

terjanq
Apr 25 · 4 min read

Quick introduction:

Abusing the block mode

The fix

Let’s XSS

Abusing the filter mode — write-up

Filtering sha512.js
Successful XSS execution

Conclusion

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. In a nutshell, we are the largest InfoSec publication on Medium. #sharingiscaring

terjanq

Written by

terjanq

Security enthusiast that loves playing CTFs and hunting for bugs in the wild. Also likes to do some chess once in a while. twitter.com/terjanq

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. In a nutshell, we are the largest InfoSec publication on Medium. #sharingiscaring