Author | Js injection help |
ghostraider100 Member

Posts: 71 Location:
Joined: 01.08.10 Rank: Wiseman | |
Hey guys i couldn't undestand how an js injection works. Some1 demo me with a example/syntax how it should be used, in a URL. |
 |
Author | RE: Js injection help |
Mtutnid Member

Posts: 102 Location: HELL
Joined: 22.09.10 Rank: Newbie | |
Have you tried google?
|
 |
Author | RE: Js injection help |
ghostraider100 Member

Posts: 71 Location:
Joined: 01.08.10 Rank: Wiseman | |
S, i've tried but i cant get it lol. If u hav a good tutors url post here. |
 |
Author | RE: Js injection help |
Mtutnid Member

Posts: 102 Location: HELL
Joined: 22.09.10 Rank: Newbie | |
learn javascript and then start with injections. You can execute things like MoshBat showed above
|
 |
Author | RE: Js injection help |
ghostraider100 Member

Posts: 71 Location:
Joined: 01.08.10 Rank: Wiseman | |
i've tried tat code lol it doest hav any effect hbh challanges(js9 esp.). |
 |
Author | RE: Js injection help |
ghostraider100 Member

Posts: 71 Location:
Joined: 01.08.10 Rank: Wiseman | |
@mtutnid
i know js lol |
 |
Author | RE: Js injection help |
ghostraider100 Member

Posts: 71 Location:
Joined: 01.08.10 Rank: Wiseman | |
@moshbat
i know some basic commands such as alert, document.write, then string manip, functions, etc., |
 |
Author | RE: Js injection help |
techb Member

Posts: 384 Location:
Joined: 15.02.09 Rank: Moderate | |
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
Code
javascript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('script');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
|
 |
Author | RE: Js injection help |
t0xikc0mputer Member

Posts: 112 Location: t0xik waste dump
Joined: 07.01.11 Rank: Newbie | |
techb wrote:
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
Code
javascript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('script');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
That's so cool!
|
 |
Author | RE: Js injection help |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
techb wrote:
speaking of js injections, I found this on hackaday; it will turn any page into a Katamari game.
CODE::
Code
javascript:var i,s,ss=['http://kathack.com/js/kh.js','http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js'];for(i=0;i!=ss.length;i++){s=document.createElement('script');s.src=ss[i];document.body.appendChild(s);}void(0);
if that didn't work. It can be found here.
I have even tried it here on HBH and if you get enough to stick to the ball, it will pick up the banner too.
quick newbie question... Let's say this code is injected in some website vulnerable to SS... will the page itself be a katamari game permanently (obvious;y till it gets patched)? :evil: |
 |
Author | RE: Js injection help |
Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | |
You can think of an xss made in a forum post, a guest book post etc. Then yes. Otherwise you must indeed send a horribly misformed URL, or at least send something to a specific person.
|
 |