Skip to content

Instantly share code, notes, and snippets.

@danbeam

danbeam/Simple XSS bookmarklet that add REQUESTURI variable via GET params to your current page

Created May 12, 2011 02:38
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save danbeam/967832 to your computer and use it in GitHub Desktop.
Save danbeam/967832 to your computer and use it in GitHub Desktop.
Download ZIP
xss-bookmarklet.js
Raw
Simple XSS bookmarklet that add REQUESTURI variable via GET params to your current page
javascript:(function(){var x=encodeURIComponent('\'\';!--"<XSS>=&{()}'),u=[],n={},i=0,a=[].concat([].slice.call(document.getElementsByTagName('input')),[].slice.call(document.getElementsByTagName('select')),[].slice.call(document.getElementsByTagName('textarea'))),l=a.length;for(;i<l;++i){if(a[i].name&&!n[a[i].name]){n[a[i].name]=1;u.push(a[i].name);}}if(u.length){window.location.href+=(!~~window.location.href.indexOf('?')?'&':'?')+u.join('='+x+'&')+'='+x;}else{alert('No inputs!');}}());
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment