For instance upon download, it automatically redirects to a specific URL or clicked,Like When Someone Receives and Clicks It on Whatsapp. A Tutorial Would Be Greatly Appreciated :)
- Hot
- Active
-
Forum Thread:
How to Hack Wireless Password Through MAC Address and IP Address
25
Replies
1 day ago -
Forum Thread:
Complete Guide to Creating and Hosting a Phishing Page for Beginners
50
Replies
5 days ago -
Forum Thread:
HELP I Created an Apk for Hacking My Phone Using Kali Linux in Virtual Box How Can I Install That Apk on My Phone
18
Replies
2 wks ago -
Forum Thread:
Mitm attack problem
2
Replies
3 wks ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
32
Replies
4 wks ago -
Metasploit Error:
Handler Failed to Bind
40
Replies
1 mo ago -
Forum Thread:
How to Know if You Are a Script Kiddie?
9
Replies
1 mo ago -
Forum Thread:
How to Identify and Crack Hashes
8
Replies
1 mo ago -
Forum Thread:
How to Hack School Website
8
Replies
1 mo ago -
Forum Thread:
Whenever I Try "Airmon-Ng Start wlan0" There's an Error?
16
Replies
1 mo ago -
Forum Thread:
How to Fix 'Failed to Detect and Mount CD-ROM' Problem When Installing Kali Linux
14
Replies
1 mo ago -
Forum Thread:
Awesome Keylogging Script - BeeLogger
30
Replies
2 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
27
Replies
2 mo ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
121
Replies
2 mo ago -
How to:
Minecraft DoS'Ing with Python.
1
Replies
3 mo ago -
Forum Thread:
Tools for Beginner Hacker
3
Replies
3 mo ago -
Forum Thread:
How to Embed an Android Payload in an Image?
9
Replies
4 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
46
Replies
4 mo ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
11
Replies
4 mo ago -
Forum Thread:
Fix Initramfs Problem
5
Replies
4 mo ago
-
How To:
Find Passwords in Exposed Log Files with Google Dorks
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
Hacking Windows 10:
How to Dump NTLM Hashes & Crack Windows Passwords
-
How To:
Hack Wi-Fi Networks with Bettercap
-
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
-
How To:
Play Wi-Fi Hacking Games Using Microcontrollers to Practice Wi-Fi Attacks Legally
-
Hack Like a Pro:
How to Get Facebook Credentials Without Hacking Facebook
-
How To:
Upload a Shell to a Web Server and Get Root (RFI): Part 2
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
5 Responses
This can easily be done with some simple javascript:
<img src="image source here" onclick=window.location.assign("destination here")></img>
Bless you for that! ..but I'm a beginner, could you please show me in (noob friendly) steps of how to accomplish this?
In your question you mentioned whatsapp, so here's the code that would take a whatsapp picture, and when clicked redirect you to nullbyte:
<img src="https://lh3.ggpht.com/bwBj9B4fGmTN_of0JS8xdkwklCmqCzSne1tJ9RaUNRQIzU-FEyCuFWzlsLyyPoTbyJE=w300 " onclick=window.location.assign("https://null-byte.wonderhowto.com ")></img>_
An easy way to test code is to try is to use W3 School's TryitEditor. All you need to do is copy and paste the code between the html tags (<html></html>). You can try sending it by email but it probably won't work since javascript is usually stripped off the image at the receiving end as to prevent malicious attacks. Xss would probably be used in a real world situation (to get the code onto a server) with onload instead of onclick(that way the victim doesn't even have to click the link, they just need to visit a page with our picture on it). Another option would be to host the image yourself.
Ignore the extra spaces.
Thanks again for that!
Share Your Thoughts