For instance upon download, it automatically redirects to a specific URL or clicked,Like When Someone Receives and Clicks It on Whatsapp. A Tutorial Would Be Greatly Appreciated :)
- Hot
- Active
-
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
2 mo ago -
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
2 mo ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
2 mo ago -
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
3 mo ago -
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
4 mo ago -
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
5 mo ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
6 mo ago -
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
7 mo ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
7 mo ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
7 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
9 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
9 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
10 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
10 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
10 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
10 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
10 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
10 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
11 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
11 mo ago
-
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Detect When a Device Is Nearby with the ESP8266 Friend Detector
-
How To:
Hack Apache Tomcat via Malicious WAR File Upload
-
How To:
Creating a (Almost) Fully Undetectable EXE Using Kali & GCC
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Make Your Own Bad USB
-
How To:
Spy on Traffic from a Smartphone with Wireshark
-
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
-
How To:
Set Your Wi-Fi Card's TX Power Higher Than 30 dBm
-
How To:
Use SpiderFoot for OSINT Gathering
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
How To:
Enable Monitor Mode & Packet Injection on the Raspberry Pi
-
How To:
Hack 5 GHz Wi-Fi Networks with an Alfa Wi-Fi Adapter
-
How To:
Steal macOS Files with the USB Rubber Ducky
-
How To:
Host Your Own Tor Hidden Service with a Custom Onion Address
5 Responses
This can easily be done with some simple javascript:
<img src="image source here" onclick=window.location.assign("destination here")></img>
Bless you for that! ..but I'm a beginner, could you please show me in (noob friendly) steps of how to accomplish this?
In your question you mentioned whatsapp, so here's the code that would take a whatsapp picture, and when clicked redirect you to nullbyte:
<img src="https://lh3.ggpht.com/bwBj9B4fGmTN_of0JS8xdkwklCmqCzSne1tJ9RaUNRQIzU-FEyCuFWzlsLyyPoTbyJE=w300 " onclick=window.location.assign("https://null-byte.wonderhowto.com ")></img>_
An easy way to test code is to try is to use W3 School's TryitEditor. All you need to do is copy and paste the code between the html tags (<html></html>). You can try sending it by email but it probably won't work since javascript is usually stripped off the image at the receiving end as to prevent malicious attacks. Xss would probably be used in a real world situation (to get the code onto a server) with onload instead of onclick(that way the victim doesn't even have to click the link, they just need to visit a page with our picture on it). Another option would be to host the image yourself.
Ignore the extra spaces.
Thanks again for that!
Share Your Thoughts