Restrict session to IP 
Questions  |  score: 4  |  Solved By 694 People  |  74482 views  |  since Mar 23, 2009 - 23:26:12

htmlspecialchars (Exploit, PHP, XSS)

Your mission...
Is to exploit this line of code, which is vulnerable to XSS:
GeSHi`ed PHP code for htmlspecialchars.php
echo "<a href='http://".htmlspecialchars(Common::getPost('input'))."'>Exploit Me</a>";

Common::getPost only fetches a string from the $_POST variables and applies stripslashes(), in case magic_quotes_gpc() are enabled.
You can ignore Common::getPost completely, replace it by $_POST['input'], and assume magic_quotes_gpc() are disabled.

Below the input box is the output of the script, to test your attacks.
You will fail anyway, because I used htmlspecialchars() to prevent XSS.

Gizmore - March, 23th 2009
Input box
Your output
Here is the output of your input:
Use the form above, to exploit the link.
Click me

Your solution is the same line of code, but with an easy fix for it.

© 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 and 2017 by Gizmore and Kender