| Author |
Js injection help |
ghostraider100
Member
Posts: 53
Location: Place were peacemaker(Gandhi) was born
Joined: 01.08.10
Rank: Elite |
|
|
Hey guys i couldn't undestand how an js injection works. Some1 demo me with a example/syntax how it should be used, in a URL. |
|
| Author |
RE: Js injection help |
Mtutnid
Member
Posts: 79
Location: HELL
Joined: 22.09.10
Rank: Hacker Level 3 |
|
Have you tried google?
So remember when you're feeling very small and insecure
How amazingly unlikely is your birth
And pray that there's intelligent life somewhere up in space
'Cause there's bugger all down here on Earth |
|
|
| Author |
RE: Js injection help |
ghostraider100
Member
Posts: 53
Location: Place were peacemaker(Gandhi) was born
Joined: 01.08.10
Rank: Elite |
|
|
S, i've tried but i cant get it lol. If u hav a good tutors url post here. |
|
|
| Author |
RE: Js injection help |
Mtutnid
Member
Posts: 79
Location: HELL
Joined: 22.09.10
Rank: Hacker Level 3 |
|
learn javascblockedript and then start with injections. You can execute things like MoshBat showed above
So remember when you're feeling very small and insecure
How amazingly unlikely is your birth
And pray that there's intelligent life somewhere up in space
'Cause there's bugger all down here on Earth |
|
|
| Author |
RE: Js injection help |
ghostraider100
Member
Posts: 53
Location: Place were peacemaker(Gandhi) was born
Joined: 01.08.10
Rank: Elite |
|
|
i've tried tat code lol it doest hav any effect hbh challanges(js9 esp.). |
|
|
| Author |
RE: Js injection help |
ghostraider100
Member
Posts: 53
Location: Place were peacemaker(Gandhi) was born
Joined: 01.08.10
Rank: Elite |
|
@mtutnid
i know js lol |
|
|
| Author |
RE: Js injection help |
ghostraider100
Member
Posts: 53
Location: Place were peacemaker(Gandhi) was born
Joined: 01.08.10
Rank: Elite |
|
@moshbat
i know some basic commands such as alert, document.write, then string manip, functions, etc., |
|
|
| Author |
RE: Js injection help |
techb
Member
Posts: 384
Location:
Joined: 15.02.09
Rank: Hacker Level 2 |
|
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
javascblockedript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('scblockedript');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
|
|
| Author |
RE: Js injection help |
t0xikc0mputer
Member
Posts: 112
Location: t0xik waste dump
Joined: 07.01.11
Rank: Elite |
|
techb wrote:
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
javascblockedript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('scblockedript');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
That's so cool!
This sentence is false.
Hahaha no.
Edited by t0xikc0mputer on 29-05-11 9:36 |
|
|
| Author |
RE: Js injection help |
HacKid
Member
Posts: 30
Location:
Joined: 02.03.09
Rank: Active User |
|
techb wrote:
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
javascblockedript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('scblockedript');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
quick newbie question... Let's say this code is injected in some website vulnerable to SS... will the page itself be a katamari game permanently (obvious;y till it gets patched)? :evil: |
|
|
| Author |
RE: Js injection help |
Roelof
Member
Posts: 53
Location:
Joined: 01.07.10
Rank: Active User |
|
You can think of an xss made in a forum post, a guest book post etc. Then yes. Otherwise you must indeed send a horribly misformed URL, or at least send something to a specific person.
keep it simple and stupid |
|
|
Main:
