Skip to content

Instantly share code, notes, and snippets.

@akhil-reni
Last active February 14, 2020 04:35
Show Gist options
  • Save akhil-reni/1eb4dd38549f81d0e108488e40e023ae to your computer and use it in GitHub Desktop.
Save akhil-reni/1eb4dd38549f81d0e108488e40e023ae to your computer and use it in GitHub Desktop.
XSS challenge
<html>
<script>
function bindEvent(element, eventName, eventHandler) {
if (element.addEventListener){
element.addEventListener(eventName, eventHandler, false);
} else if (element.attachEvent) {
element.attachEvent('on' + eventName, eventHandler);
}
}
bindEvent(window, 'message', function (e) {
if(e.data.mode=="iframe"){
var iframe = document.createElement("iframe");
iframe.src = e.data.url;
iframe.onload = function(e){
window.location = this.contentWindow.name;
}
document.body.appendChild(iframe);
}
});
</script>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment