Shazzer logo

    Characters allowed before CSS selectors

    Chrome logo 5
    Safari logo 5

    This shows how to use Shazzer to fuzz CSS syntax. This vector uses an inline style and div to set the colour. JavaScript is executed directly after each fuzz to check getComputedStyle to see if the div is red.

    Created by: hackvertor

    Created on: Monday, July 15, 2024 at 7:35:19 PM

    Updated on: Thursday, November 21, 2024 at 7:58:36 AM

    Vector type: XSS

    Vector charset: UTF-8

    Template used:
    <style>
$[chr]div{color:red;}
</style>
<div id=x>test</div>
    Code used after fuzz:
    window.getComputedStyle(x).color === 'rgb(255, 0, 0)' && log($[i])
    Your browser was detected as:
    Detecting... Detecting... Detecting... Detecting...

    Sample payloads

    <style>
	div{color:red;}
</style>
<div id=x>test</div>

    <style>

div{color:red;}
</style>
<div id=x>test</div>

    <style>
div{color:red;}
</style>
<div id=x>test</div>

    <style>

div{color:red;}
</style>
<div id=x>test</div>

    <style>
 div{color:red;}
</style>
<div id=x>test</div>

    Fuzz results

    Chrome logo
    Chrome 126.0.0.0 desktop macOS 10.15.7

    Updated

    Mon Jul 15 2024
    Found 5 results
    Loading...
    Safari logo
    Safari 17.4 desktop macOS 10.15.7

    Updated

    Mon Jul 15 2024
    Found 5 results
    Loading...