Skip to content

Instantly share code, notes, and snippets.

@Rhynorater

Rhynorater/XSSbookmarklet.js

Last active May 18, 2020 04:23
Show Gist options
  • Save Rhynorater/d628f34e25e06ec37b0aa086b13781f5 to your computer and use it in GitHub Desktop.
Save Rhynorater/d628f34e25e06ec37b0aa086b13781f5 to your computer and use it in GitHub Desktop.
Download ZIP
XSS Discovery Bookmarklet
Raw
XSSbookmarklet.js
javascript:(function()%7Bvar j %3D document.getElementsByTagName("input")%3Bif (document.location.href.indexOf("%3F")>-1)%7Bvar l %3D "%26"%3B%7Delse%7Bvar l %3D "%3F"%3B%7Dfor (i%3D0%3Bi<j.length%3Bi%2B%2B)%7Bl%2B%3Dj%5Bi%5D.getAttribute("name")%2B'%3D"><test1234>%26'%7Ddocument.location %3D document.location%2Bl%7D)()
@EdOverflow
Copy link

There is also this one by @fransr:

javascript:(function()%7Bvar str='';var attack=prompt('Attack','');if(!attack)return false;function getallelems(v)%7Bvar ii=document.getElementsByTagName(v);for(var i=0;i<ii.length;i++)%7Bif(!ii%5Bi%5D.name)continue;str+=(str?'&':'')+ii%5Bi%5D.name+'='+attack;%7D%7Dgetallelems('input');getallelems('textarea');getallelems('select');str=document.location.search+(document.location.search.indexOf('?')==-1?'?':'&')+str;alert(str);document.location.search=str;%7D)();

@kick317
Copy link

kick317 commented Apr 18, 2020

Hi Justin, could you explain it in simple steps via images.

@kick317
Copy link

kick317 commented Apr 18, 2020

i meant how to add the script to the location of a book mark.

@kick317
Copy link

kick317 commented Apr 18, 2020

http://www.dev-hq.net/posts/1--create-javascript-bookmarklet

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment