Wonder How ToGadget HacksNext RealityNull Byte
how to

XSS Bonuses

May 10, 2015 05:41 AM
635668081342817767.jpg

This is a followup from my recent series on XSS exploitation, giving a few extra attacks/tricks to try.

Google's Prank

Google developed a JavaScript code (available here) that you can customize. Basically, it makes all the elements on the page swirl around, fade out to white, and pretends to hack you. Customize it to your own liking.

Password Stealer

Martani Fyssal, a Microsoft developer, created a JavaScript code that steals passwords. You can download it here.

Changing Download

Using this code, you can change the download reference for a website.

index.php?name=

Just make sure you change the respective variables.

Credits to Ramesh Natarajan.

Persistent Connections

Again by Ramesh, these are two PHP scripts that create a persistent connection.

login.php

home.php

Change what you want.

Thanks

I'd like to thank the many people who help me study, from the members of C3, to the many pentesters online to take their time to share their knowledge. You guys help keep me going. Many thanks to Ramesh Natarajan for his amazing scripts and his wonderful sharing. And of course, thank you all for keeping this community alive.

C|H of C3

Just updated your iPhone? You'll find new Apple Intelligence capabilities, sudoku puzzles, Camera Control enhancements, volume control limits, layered Voice Memo recordings, and other useful features. Find out what's new and changed on your iPhone with the iOS 18.2 update.

Related Articles

637263493835297420.jpg

How to Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)

636455706472146367.jpg

How to Hide DDE-Based Attacks in MS Word

Comments

No Comments Exist

Be the first, drop a comment!