Local Webpage Content Swap

Nov 11, 2015 02:22 PM

Hi there,

As SE is more and more popular, I'm trying to practice some spear phishing, but in more sophisticated way. Well, I wanted to inject some content to webpage, locally in victim's brawser. Of course I can redirect to my site, hosted on my machine or hack webserver, but... in real life pentests, nobody swap real webpage content like gmail or stuff like that because it's illegal. Let's assume that I've managed to inject beef iframe into brawser. What's next? I was trying to play around with iframes, but.. well nothing. I even thought about driveby usb hack, but well nothing comes to my mind (without creating malware - it could leak and then inspire someone to write better code and do some harm to people).

Thanks for your ideas guys!

Just updated your iPhone? You'll find new Apple Intelligence capabilities, sudoku puzzles, Camera Control enhancements, volume control limits, layered Voice Memo recordings, and other useful features. Find out what's new and changed on your iPhone with the iOS 18.2 update.

Local Webpage Content Swap

Related Articles

How to Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)

How to Hide DDE-Based Attacks in MS Word

Comments

No Comments Exist