| 6dd74de | | | 1 | <html> |
| 6dd74de | | | 2 | <head> |
| 6dd74de | | | 3 | <link href="https://fonts.googleapis.com/css?family=Montserrat&display=swap" rel="stylesheet" /> |
| 6dd74de | | | 4 | <style> |
| 6dd74de | | | 5 | .malware { |
| 6dd74de | | | 6 | position: fixed; |
| 6dd74de | | | 7 | bottom: 0; |
| 6dd74de | | | 8 | left: 0; |
| 6dd74de | | | 9 | right: 0; |
| 6dd74de | | | 10 | height: 150px; |
| 6dd74de | | | 11 | background: red; |
| 6dd74de | | | 12 | color: black; |
| 6dd74de | | | 13 | display: flex; |
| 6dd74de | | | 14 | display: flex; |
| 6dd74de | | | 15 | justify-content: center; |
| 6dd74de | | | 16 | align-items: center; |
| 6dd74de | | | 17 | font-family: monospace; |
| 6dd74de | | | 18 | font-size: 72px; |
| 6dd74de | | | 19 | } |
| 6dd74de | | | 20 | </style> |
| 6dd74de | | | 21 | <script> |
| 6dd74de | | | 22 | function xssAttack() { |
| 6dd74de | | | 23 | const div = document.createElement('div'); |
| 6dd74de | | | 24 | div.id = 'the-malware'; |
| 6dd74de | | | 25 | div.className = 'malware'; |
| 6dd74de | | | 26 | div.innerHTML = 'XSS Succeeded'; |
| 6dd74de | | | 27 | document.getElementsByTagName('body')[0].appendChild(div); |
| 6dd74de | | | 28 | // const el = document.querySelector('.mermaid'); |
| 6dd74de | | | 29 | // el.parentNode.removeChild(el); |
| 6dd74de | | | 30 | throw new Error('XSS Succeeded'); |
| 6dd74de | | | 31 | } |
| 6dd74de | | | 32 | </script> |
| 6dd74de | | | 33 | </head> |
| 6dd74de | | | 34 | <body> |
| 6dd74de | | | 35 | <script type="module" src="./viewer.js"></script> |
| 6dd74de | | | 36 | </body> |
| 6dd74de | | | 37 | </html> |