Shazzer logo

    Characters prepended to URL, which yield in the same host property

    Chrome logo 30
    Firefox logo 30

    Characters ignored in URL, which yield in the same host property. This is just a simple modification of another fuzzing vector by hansmachine

    Created by: InsertScript

    Created on: Friday, January 10, 2025 at 10:27:16 AM

    Updated on: Tuesday, May 27, 2025 at 10:34:27 AM


    Vector type: JS

    Vector charset: UTF-8

    Template used:
    if (new URL("https://$[chr]google.com/endpoint").host=="google.com"){log($[i])}
    Your browser was detected as:
    Detecting... Detecting... Detecting... Detecting...

    Sample payloads

    if (new URL("https://	google.com/endpoint").host=="google.com"){alert(9)}
    if (new URL("https:///google.com/endpoint").host=="google.com"){alert(47)}
    if (new URL("https://@google.com/endpoint").host=="google.com"){alert(64)}
    if (new URL("https://\google.com/endpoint").host=="google.com"){alert(92)}
    if (new URL("https://­google.com/endpoint").host=="google.com"){alert(173)}
    if (new URL("https://͏google.com/endpoint").host=="google.com"){alert(847)}
    if (new URL("https://᠋google.com/endpoint").host=="google.com"){alert(6155)}
    if (new URL("https://᠌google.com/endpoint").host=="google.com"){alert(6156)}
    if (new URL("https://᠍google.com/endpoint").host=="google.com"){alert(6157)}
    if (new URL("https://᠏google.com/endpoint").host=="google.com"){alert(6159)}
    if (new URL("https://​google.com/endpoint").host=="google.com"){alert(8203)}
    if (new URL("https://⁠google.com/endpoint").host=="google.com"){alert(8288)}
    if (new URL("https://⁤google.com/endpoint").host=="google.com"){alert(8292)}
    if (new URL("https://︀google.com/endpoint").host=="google.com"){alert(65024)}
    if (new URL("https://︁google.com/endpoint").host=="google.com"){alert(65025)}
    if (new URL("https://︂google.com/endpoint").host=="google.com"){alert(65026)}
    if (new URL("https://︃google.com/endpoint").host=="google.com"){alert(65027)}
    if (new URL("https://︄google.com/endpoint").host=="google.com"){alert(65028)}
    if (new URL("https://︅google.com/endpoint").host=="google.com"){alert(65029)}
    if (new URL("https://︆google.com/endpoint").host=="google.com"){alert(65030)}

    Fuzz results

    Chrome logo
    Chrome 131.0.0.0 desktop Windows NT 10.0

    Updated

    Fri Jan 10 2025
    Found 30 results
    Loading...
    Firefox logo
    Firefox 138.0 desktop macOS 10.15

    Updated

    Wed May 28 2025
    Found 30 results
    Loading...