Exam 200-201 topic 1 question 156 discussion

Correct is B https://security.tcnj.edu/resources-tips/resources-for-server-administrators-and-developers/detecting-cross-site-scripting-attacks/ “GET /%27%27;!–%22%3CXSS%3E=&{() } HTTP/1.1″

B / followed by URL-encoded characters: %27 represents a single quote ('), %22 represents a double quote ("), and %3C and %3E represent the less-than (<) and greater-than (>) symbols, respectively. These characters are being URL-encoded. ;!--: This might be an attempt to include a comment in the payload. %22%3CXSS%3E=: This part might be trying to inject an XSS payload. &{()}: This could be part of the payload, potentially attempting to inject additional characters or execute certain actions.

Special Characters: %27: ' %22: " %3C: < %3E: > Is an XSS attack, it's trying to get something like /'';!-"<XSS>=&{()}

Here is one sample web access log entry that is a sign of an XSS attack. 192.168.0.252 – – [05/Aug/2009:15:16:42 -0400] “GET /%27%27;!–%22%3CXSS%3E=&{() } HTTP/1.1″ 404 310 “-” “Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.12) Gecko/2009070812 Ubuntu/8.04 (hardy) Firefox/3.0.12″ The part to look for is the GET /%27%27 command (there are several variants).

B because of --> GET /%27%27

i think that it is C. XML External Entities attack