From 3ea7acfd81424b76e9686196d7a404626056a2f8 Mon Sep 17 00:00:00 2001 From: Moein Fatehi Date: Sat, 30 Jun 2018 13:58:36 +0430 Subject: [PATCH 1/6] Initial commit --- README.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..2355b9d --- /dev/null +++ b/README.md @@ -0,0 +1,2 @@ +# XSS-challenges +this repository is a docker containing some challenges with XSS vulnerability. From f0d111a016197bd92191ec767e14e3d3b06a2906 Mon Sep 17 00:00:00 2001 From: Moein Fatehi Date: Sat, 30 Jun 2018 15:10:07 +0430 Subject: [PATCH 2/6] Update README.md --- README.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/README.md b/README.md index 2355b9d..2ad02dc 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,22 @@ # XSS-challenges this repository is a docker containing some challenges with XSS vulnerability. + +# Run this image +To run this image you need docker installed.
+Then run the command:
+```docker run -d -p 8008:80 moeinfatehi/xss_vulnerability_challenges```
+Help: +``` +-d: detached mode (You can use terminal after running command +-p: specifies port (you can change 8008 to whatever you want. If you don't have a web server on your host, set it to 80) +``` +
+Then request localhost:8008 to access thr challenges.
+ + +# Disclaimer +This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (opsxcq) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not opsxcq's responsibility. + +# Hack and have fun ! +If you have any questions, feel free to ask in my twitter account. + From 0e7704d3431eeed9baaef849e006ad172308ef9d Mon Sep 17 00:00:00 2001 From: Moein Fatehi Date: Sat, 30 Jun 2018 15:30:16 +0430 Subject: [PATCH 3/6] Update README.md --- README.md | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 2ad02dc..8c36b30 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,31 @@ # XSS-challenges -this repository is a docker containing some challenges with XSS vulnerability. +This repository is a Dockerized php application containing some XSS vulnerability challenges.
+The ideas behind challenges are:
+* Javascript validation bypass +* html entities bypass +* WAF bypass +* Black-list validation bypass +* Basic XSS validation bypass +* Double encode bypass of WAF to exploit XSS +* Exploiting XSS by bypassing escape characters + # Run this image To run this image you need docker installed.
Then run the command:
-```docker run -d -p 8008:80 moeinfatehi/xss_vulnerability_challenges```
+```docker run -d -p 8008:80 moeinfatehi/xss_vulnerability_challenges```

Help: ``` -d: detached mode (You can use terminal after running command -p: specifies port (you can change 8008 to whatever you want. If you don't have a web server on your host, set it to 80) ```
-Then request localhost:8008 to access thr challenges.
+Then request localhost:8008 to access the challenges.

+ # Disclaimer This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (opsxcq) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not opsxcq's responsibility. # Hack and have fun ! -If you have any questions, feel free to ask in my twitter account. - +If you have any further questions, please don't hesitate to contact me via my twitter account. From 05e4b3040e8fb8430819f79ae7754aeee5ead232 Mon Sep 17 00:00:00 2001 From: Moein Fatehi Date: Mon, 10 Sep 2018 11:45:21 +0430 Subject: [PATCH 4/6] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8c36b30..62aa036 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ Then request localhost:8008 to access the challenges.

# Disclaimer -This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (opsxcq) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not opsxcq's responsibility. +This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that I'm not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not my responsibility. # Hack and have fun ! If you have any further questions, please don't hesitate to contact me via my twitter account. From c1c8e6689f7586c2c4e82cde6795ce824bde1b70 Mon Sep 17 00:00:00 2001 From: Moein Fatehi Date: Mon, 10 Sep 2018 14:12:48 +0430 Subject: [PATCH 5/6] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 62aa036..0ba7932 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ Then request localhost:8008 to access the challenges.

# Disclaimer -This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that I'm not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not my responsibility. +This project is for Educational purpose ONLY. The usual disclaimer applies, especially the fact that I'm not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these project you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of this program is not my responsibility. # Hack and have fun ! If you have any further questions, please don't hesitate to contact me via my twitter account. From cbf3c48ee02732a8b219f59d33a811fbb0b961a6 Mon Sep 17 00:00:00 2001 From: Moein Fatehi Date: Mon, 9 May 2022 12:45:29 +0430 Subject: [PATCH 6/6] Delete README.md --- README.md | 31 ------------------------------- 1 file changed, 31 deletions(-) delete mode 100644 README.md diff --git a/README.md b/README.md deleted file mode 100644 index 0ba7932..0000000 --- a/README.md +++ /dev/null @@ -1,31 +0,0 @@ -# XSS-challenges -This repository is a Dockerized php application containing some XSS vulnerability challenges.
-The ideas behind challenges are:
-* Javascript validation bypass -* html entities bypass -* WAF bypass -* Black-list validation bypass -* Basic XSS validation bypass -* Double encode bypass of WAF to exploit XSS -* Exploiting XSS by bypassing escape characters - - -# Run this image -To run this image you need docker installed.
-Then run the command:
-```docker run -d -p 8008:80 moeinfatehi/xss_vulnerability_challenges```

-Help: -``` --d: detached mode (You can use terminal after running command --p: specifies port (you can change 8008 to whatever you want. If you don't have a web server on your host, set it to 80) -``` -
-Then request localhost:8008 to access the challenges.

- - - -# Disclaimer -This project is for Educational purpose ONLY. The usual disclaimer applies, especially the fact that I'm not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these project you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of this program is not my responsibility. - -# Hack and have fun ! -If you have any further questions, please don't hesitate to contact me via my twitter account.