The C# Hacktool I create required a unprotected page to test XSS attacks. The page input uses PHP to store data in a format that can be read on the page output. Occasionaly people put some very entertaining/intereting XSS attacks in, and before I clean the output page, I will log my favourite examples here.
Using a closing tag of the div containign the password-protected element, unprotected text can be displayed
Using a closing tag of the div containing the password-protected element,followed by a 'h1' tag.
Using a 'iframe' element that had an autopaly feature, the output page now had a rickroll
that played as soon as a user entered the website.
Using the same 'iframe' trick, someone uploaded all 31 videos in Markiplier's heist series
This one was particularly entertaining. By hovering over 'XSS Attack' in the main menu, starshiplad.com becomes covered in
'My Little Pony' animated gifs. If someone wants to own up, I'd be very interested in how you did it x'D.
'My Little Pony' animated gifs. If someone wants to own up, I'd be very interested in how you did it x'D.