For instance upon download, it automatically redirects to a specific URL or clicked,Like When Someone Receives and Clicks It on Whatsapp. A Tutorial Would Be Greatly Appreciated :)
- Hot
- Active
-
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
1 wk ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
3 wks ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
3 wks ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
2 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
2 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
2 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
3 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
3 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
3 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
4 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
4 mo ago -
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
5 mo ago -
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
6 mo ago -
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
6 mo ago -
Forum Thread:
How to Hack School Website
11
Replies
6 mo ago -
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
6 mo ago -
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
7 mo ago -
Forum Thread:
Hacking with Ip Only Part [1] { by : Mohamed Ahmed }
5
Replies
8 mo ago
-
How To:
Find Passwords in Exposed Log Files with Google Dorks
-
How To:
Dox Anyone
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Exploit WebDAV on a Server & Get a Shell
-
How To:
Pop a Reverse Shell with a Video File by Exploiting Popular Linux File Managers
-
How To:
The Essential Skills to Becoming a Master Hacker
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Enumerate SMB with Enum4linux & Smbclient
-
How To:
Fuzz Parameters, Directories & More with Ffuf
-
How To:
Make Your Own Bad USB
-
Tutorial:
Create Wordlists with Crunch
5 Responses
This can easily be done with some simple javascript:
<img src="image source here" onclick=window.location.assign("destination here")></img>
Bless you for that! ..but I'm a beginner, could you please show me in (noob friendly) steps of how to accomplish this?
In your question you mentioned whatsapp, so here's the code that would take a whatsapp picture, and when clicked redirect you to nullbyte:
<img src="https://lh3.ggpht.com/bwBj9B4fGmTN_of0JS8xdkwklCmqCzSne1tJ9RaUNRQIzU-FEyCuFWzlsLyyPoTbyJE=w300 " onclick=window.location.assign("https://null-byte.wonderhowto.com ")></img>_
An easy way to test code is to try is to use W3 School's TryitEditor. All you need to do is copy and paste the code between the html tags (<html></html>). You can try sending it by email but it probably won't work since javascript is usually stripped off the image at the receiving end as to prevent malicious attacks. Xss would probably be used in a real world situation (to get the code onto a server) with onload instead of onclick(that way the victim doesn't even have to click the link, they just need to visit a page with our picture on it). Another option would be to host the image yourself.
Ignore the extra spaces.
Thanks again for that!
Share Your Thoughts