<!DOCTYPE html>
<html>
  <head>
    <title>XSS 3</title>
    <link rel="shortcut icon" href="../Resources/hmbct.png">
  </head>
  <body>
    <div style="background-color:#c9c9c9;padding:15px;">
      <button type="button" name="homeButton" onclick="location.href='../homepage.html';">Home Page</button>
      <button type="button" name="mainButton" onclick="location.href='xssmainpage.html';">Main Page</button>
    </div>
    <div align="center">
      <form method="GET" action="" name="form">
        <p>Your name:<input type="text" name="username"></p>
        <input type="submit" name="submit" value="Submit">
      </form>
    </div>
<?php
/*
 * Reflects the "username" query parameter back into the page body.
 *
 * The only processing is a deny-list: preg_replace() deletes every match of
 * a pattern that starts at "<", contains the letters s, c, r, i, p, t in that
 * order (with anything in between) and ends with ">" right after the "t".
 * The /i flag already makes the match case-insensitive, so the paired
 * upper/lower classes are redundant; the comma inside each class is a literal,
 * so a comma is accepted in every letter position as well.
 *
 * Security: the filtered value is echoed WITHOUT HTML encoding. Removing one
 * tag shape does not make a string safe for an HTML context: whatever markup
 * the pattern does not match reaches the browser as markup. The robust
 * control is encoding at output, e.g.
 *     htmlspecialchars($value, ENT_QUOTES, 'UTF-8')
 * with a Content-Security-Policy as defence in depth.
 *
 * NOTE(review): the title "XSS 3" and the link to xssmainpage.html suggest
 * this is a deliberately weak filter for an XSS exercise, so the behaviour is
 * left unchanged here. Confirm that, and keep the page off production hosts.
 */
$hasName = isset($_GET["username"]);
if ($hasName) {
    // Deny-list pass: strip anything shaped like a script tag, nothing else.
    $name = preg_replace(
        "/<(.*)[S,s](.*)[C,c](.*)[R,r](.*)[I,i](.*)[P,p](.*)[T,t]>/i",
        "",
        $_GET["username"]
    );

    // Written into the HTML body as-is (no output encoding).
    echo "Your name is " . $name;
}
?>
  </body>
</html>