| Author | Js injection help |
ghostraider100
Member
Posts: 71
Location:
Joined: 01.08.10
Rank: Wiseman | |
| Hey guys i couldn't undestand how an js injection works. Some1 demo me with a example/syntax how it should be used, in a URL. |
 |
| Author | RE: Js injection help |
Mtutnid
Member
Posts: 102
Location: HELL
Joined: 22.09.10
Rank: Newbie | |
Have you tried google?
|
|
|
| Author | RE: Js injection help |
ghostraider100
Member
Posts: 71
Location:
Joined: 01.08.10
Rank: Wiseman | |
| S, i've tried but i cant get it lol. If u hav a good tutors url post here. |
|
|
| Author | RE: Js injection help |
Mtutnid
Member
Posts: 102
Location: HELL
Joined: 22.09.10
Rank: Newbie | |
learn javascript and then start with injections. You can execute things like MoshBat showed above
|
|
|
| Author | RE: Js injection help |
ghostraider100
Member
Posts: 71
Location:
Joined: 01.08.10
Rank: Wiseman | |
| i've tried tat code lol it doest hav any effect hbh challanges(js9 esp.). |
|
|
| Author | RE: Js injection help |
ghostraider100
Member
Posts: 71
Location:
Joined: 01.08.10
Rank: Wiseman | |
@mtutnid
i know js lol |
|
|
| Author | RE: Js injection help |
ghostraider100
Member
Posts: 71
Location:
Joined: 01.08.10
Rank: Wiseman | |
@moshbat
i know some basic commands such as alert, document.write, then string manip, functions, etc., |
|
|
| Author | RE: Js injection help |
techb
Member
Posts: 384
Location:
Joined: 15.02.09
Rank: Moderate | |
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
Code
javascript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('script');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
|
 |
| Author | RE: Js injection help |
t0xikc0mputer
Member
Posts: 112
Location: t0xik waste dump
Joined: 07.01.11
Rank: Newbie | |
techb wrote:
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
Code
javascript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('script');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
That's so cool!
|
|
|
| Author | RE: Js injection help |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
techb wrote:
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
Code
javascript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('script');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
quick newbie question... Let's say this code is injected in some website vulnerable to SS... will the page itself be a katamari game permanently (obvious;y till it gets patched)? :evil: |
|
|
| Author | RE: Js injection help |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
You can think of an xss made in a forum post, a guest book post etc. Then yes. Otherwise you must indeed send a horribly misformed URL, or at least send something to a specific person.
|
|
|
