XSS Attacks through PATH

XSS Attacks through PATH

English version of my presentation in Shibuya.XSS techtalk #7
Japanese version is here: https://speakerdeck.com/masatokinugawa/shibuya-dot-xss-techtalk-number-7

1a5bce24526a7d6f1ab89678df2d673c?s=128

Masato Kinugawa

April 06, 2016
Tweet

Transcript

  1. 1.
  2. 2.
  3. 3.
  4. 4.
  5. 9.
  6. 12.
  7. 14.

    GET /path?query HTTP/1.1 The URI which was given in order

    to access this page; for instance, '/index.html'. http://php.net/manual/ja/reserved.variables.server.php
  8. 19.
  9. 21.
  10. 22.
  11. 23.
  12. 24.
  13. 25.
  14. 26.
  15. 27.
  16. 28.
  17. 29.
  18. 30.
  19. 31.
  20. 32.
  21. 33.
  22. 40.
  23. 41.
  24. 42.
  25. 43.
  26. 44.
  27. 45.
  28. 46.
  29. 47.
  30. 48.
  31. 49.
  32. 50.
  33. 51.
  34. 52.