Self replicating source
Monday, 7 January 2008
I’ve been having a lot of fun with the sla.ckers XSS replication contest and I found a cool way to replicate source code of the html document which I haven’t seen anywhere before. Check it out:-
alert(document.body.parentNode.innerHTML)
This alerts the entire HTML document in Firefox (hopefully IE7 as well). Which is pretty cool 🙂
Here is my complete entry which submits the source of itself and posts the content:-
The slice would have to be adjusted depending on the size of the document and the goal of the contest is to produce the smallest possible replication vector (with a couple of other rules).
No. 1 — January 7th, 2008 at 1:23 pm
This is interesting indeed! And could be used for many purposes like scanning the page content for malicious stuff getting rendered etc (combine this with onDomReady).
Very nice 😉
No. 2 — January 7th, 2008 at 2:18 pm
veeery nice man
No. 3 — January 7th, 2008 at 4:06 pm
Works in IE7 finally managed to test it
No. 4 — January 7th, 2008 at 6:36 pm
Might be interested in this as well:
alert(document.documentElement.innerHTML);
No. 5 — January 7th, 2008 at 6:42 pm
@Nils
Cool thanks! 🙂