Shazzer logo

    Loose comparison, characters appended which still result in type coercion

    Chrome logo 25

    Loose comparison of string with appended character, which still end up type coerced.

    Created by: hansmach1ne

    Created on: Monday, January 6, 2025 at 2:51:50 AM

    Updated on: Tuesday, January 7, 2025 at 1:19:02 PM

    Vector type: JS

    Vector charset: UTF-8

    Template used:
    if('1337' + String.fromCodePoint($[i]) + String.fromCodePoint($[i]) == 1337){log($[i])}
    Your browser was detected as:
    Detecting... Detecting... Detecting... Detecting...

    Sample payloads

    if('1337' + String.fromCodePoint(9) + String.fromCodePoint(9) == 1337){alert(9)}
    if('1337' + String.fromCodePoint(10) + String.fromCodePoint(10) == 1337){alert(10)}
    if('1337' + String.fromCodePoint(11) + String.fromCodePoint(11) == 1337){alert(11)}
    if('1337' + String.fromCodePoint(12) + String.fromCodePoint(12) == 1337){alert(12)}
    if('1337' + String.fromCodePoint(13) + String.fromCodePoint(13) == 1337){alert(13)}
    if('1337' + String.fromCodePoint(32) + String.fromCodePoint(32) == 1337){alert(32)}
    if('1337' + String.fromCodePoint(160) + String.fromCodePoint(160) == 1337){alert(160)}
    if('1337' + String.fromCodePoint(5760) + String.fromCodePoint(5760) == 1337){alert(5760)}
    if('1337' + String.fromCodePoint(8192) + String.fromCodePoint(8192) == 1337){alert(8192)}
    if('1337' + String.fromCodePoint(8193) + String.fromCodePoint(8193) == 1337){alert(8193)}
    if('1337' + String.fromCodePoint(8194) + String.fromCodePoint(8194) == 1337){alert(8194)}
    if('1337' + String.fromCodePoint(8195) + String.fromCodePoint(8195) == 1337){alert(8195)}
    if('1337' + String.fromCodePoint(8196) + String.fromCodePoint(8196) == 1337){alert(8196)}
    if('1337' + String.fromCodePoint(8197) + String.fromCodePoint(8197) == 1337){alert(8197)}
    if('1337' + String.fromCodePoint(8198) + String.fromCodePoint(8198) == 1337){alert(8198)}
    if('1337' + String.fromCodePoint(8199) + String.fromCodePoint(8199) == 1337){alert(8199)}
    if('1337' + String.fromCodePoint(8200) + String.fromCodePoint(8200) == 1337){alert(8200)}
    if('1337' + String.fromCodePoint(8201) + String.fromCodePoint(8201) == 1337){alert(8201)}
    if('1337' + String.fromCodePoint(8202) + String.fromCodePoint(8202) == 1337){alert(8202)}
    if('1337' + String.fromCodePoint(8232) + String.fromCodePoint(8232) == 1337){alert(8232)}

    Fuzz results

    Chrome logo
    Chrome 131.0.0.0 desktop Windows NT 10.0

    Updated

    Mon Jan 06 2025
    Found 25 results
    Loading...