Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Window Redress #13

Open
Miserlou opened this issue Oct 22, 2016 · 2 comments
Open

Window Redress #13

Miserlou opened this issue Oct 22, 2016 · 2 comments

Comments

@Miserlou
Copy link

Miserlou commented Oct 22, 2016
edited
Loading

This one, combined with #12 , is a really big one. Replace the current DOM content with the contents of another page and change the URL bar's contents and favicon. That way, you can replace the contents of '/dash' with the contents of '/login' and capture the resulting keystrokes. This is why XSS still rules.

Again, source example: https://github.com/Miserlou/XSS-Harvest
@mandatoryprogrammer
Copy link
Owner

There is a new version of XSS Hunter (e.g. v2) actively being developed which will actually have a module system for adding modules such as this. Stay tuned!

@thryb
Copy link

thryb commented Dec 15, 2016

Can't wait :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Miserlou @mandatoryprogrammer @thryb