Finding URI HTML Injection Opportunities
Query Google to find URI HTML Injection opportunities.
Pretty simple base query…
inurl:”3C*3E” -intext:”3C*3E”
just add stuff like -intext:”Page Not Found” or site:.edu to the query to make it match your needs.
It also helps if you start adding things in the query like html tags in the url. So, for example….
inurl:”3C*3E” inurl:”font*font” -intext:3C -intext:font
or
inurl:”3C*3E” inurl:”strong*strong” -intext:3C -intext:strong
It is not perfect, but it can give you an idea of sites that Google is used to indexing pages with this kind of garbage in the URL.
No tags for this post.3 Comments
Trackbacks/Pingbacks
- HTML Injection - Revisited SEO Black Hat: Black Hat SEO Blog - [...] Googlecashe.com has a write up on one way of googling for sites that have xss / html injection opportunities.…
- ha.ckers.org » Blog Archive » Google can find XSS for you - [...] thegooglecache.com has a brief but interesting article on finding XSS exploits that are in URLs. Honestly this is a…
I’m appalled that you would be involved this type of thing Russ! 🙂
now, what i excately looking for that. :). hope you will better understand us more…
Thank you for sharing.