Characters unencoded characters supported in the hash
89
89
89
This vector shows which unencoded characters are allowed in the hash
Created by: hackvertor
Created on: Tuesday, September 24, 2024 at 12:33:51 PM
Updated on: Tuesday, December 17, 2024 at 5:58:42 PM
Vector type: JS
Vector charset: UTF-8
Code used before fuzz:
const anchor = document.createElement('a');
Template used:
anchor.href='//example.com';
let chr = String.fromCodePoint($[i]);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))log($[i])
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
anchor.href='//example.com';
let chr = String.fromCodePoint(33);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(33)
anchor.href='//example.com';
let chr = String.fromCodePoint(36);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(36)
anchor.href='//example.com';
let chr = String.fromCodePoint(37);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(37)
anchor.href='//example.com';
let chr = String.fromCodePoint(38);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(38)
anchor.href='//example.com';
let chr = String.fromCodePoint(39);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(39)
anchor.href='//example.com';
let chr = String.fromCodePoint(40);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(40)
anchor.href='//example.com';
let chr = String.fromCodePoint(41);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(41)
anchor.href='//example.com';
let chr = String.fromCodePoint(42);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(42)
anchor.href='//example.com';
let chr = String.fromCodePoint(43);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(43)
anchor.href='//example.com';
let chr = String.fromCodePoint(44);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(44)
anchor.href='//example.com';
let chr = String.fromCodePoint(45);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(45)
anchor.href='//example.com';
let chr = String.fromCodePoint(46);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(46)
anchor.href='//example.com';
let chr = String.fromCodePoint(47);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(47)
anchor.href='//example.com';
let chr = String.fromCodePoint(48);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(48)
anchor.href='//example.com';
let chr = String.fromCodePoint(49);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(49)
anchor.href='//example.com';
let chr = String.fromCodePoint(50);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(50)
anchor.href='//example.com';
let chr = String.fromCodePoint(51);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(51)
anchor.href='//example.com';
let chr = String.fromCodePoint(52);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(52)
anchor.href='//example.com';
let chr = String.fromCodePoint(53);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(53)
anchor.href='//example.com';
let chr = String.fromCodePoint(54);
anchor.hash = chr;
if(anchor.hash.slice(1).includes(chr))alert(54)
Fuzz results
Chrome 129.0.0.0 desktop macOS 10.15.7
Updated
Tue Sep 24 2024
Found 89 results
Loading...
Firefox 130.0 desktop macOS 10.15
Updated
Tue Sep 24 2024
Found 89 results
Loading...
Safari 18.0 desktop macOS 10.15.7
Updated
Tue Sep 24 2024
Found 89 results
Loading...