JustForFun
JustForFun
Hello World
AppSecNotes
API Security Notes
DAV Methods and Old Features
OSEP Preperation Notes
OSEP Journey Begin!
Basics and More
Payload Types (Staged vs. Non-Staged)
File Smuggling with HTML & JS
VBA Basics
Basic Phishing Macro Creation Tricks
Post Exploitation Notes
Things
HackTheBox Lab – Invite Code Write-Up
OSCP Yolculuğum
VulnHub – SkyTower CTF Walkthrough
Markdown Syntax
Web Uygulama Güvenliği Ve Güvenli Kod Geliştirme LYK-2014 Notlarım
Yalnızca Eğlenmek İçin
Powered by GitBook

File Smuggling with HTML & JS

First, you created a payload, and you need to publish it over a website. So, we should turn our payload to downloadable resources from the website.

You can find a good example below.

We'll work with HTML and JavaScript, which means we can write this page in many different versions.

If you are creating a phishing site you should consider browser compatibility. IE and other Modern Browsers may not support each other's API's.

OSEP Preperation Notes - Previous
Payload Types (Staged vs. Non-Staged)
Next - OSEP Preperation Notes
VBA Basics
Last updated 4 months ago