Other POC:
POC BIS (extremely minimal)
POC (very minimal)
MINIMAL (minimal)
DEBUG (full-featured)
Pros
- The blob can have newlines and spaces in it; they will be completely ignored! (really cool feature!)
- It uses getElementById(), so more browsers understand it
- Full featured example
- In this example the blob is hidden (in the real world, use style="" or find a hidden div)
Cons
- Quite big entry point payload
- It uses ' or " (in some conditions both) and spaces (which can be avoided with the /**/ trick)
- Uses the onmouseover event of a link; it's executed automatically only with style=""
- The entry point is visible if JS is off (and you can't do anything about that :P): a big invisible link over the whole page that makes it impossible to click on the lower layers.
- DO NOT FOCUS ON ENTRY POINT CONS, OF COURSE IMG COULD BE USED HERE
Proof of concept
%61%6C%65%72%74%28%27%55%68%2C%20%69%74%20%77%6F%72%6B%65%64%20%3A%20%29%27%29%3B%0A%0A%2F%2A%4E%6F%74%65%3A%0A
%57%65%20%63%61%6E%20%70%75%74%20%61%6E%79%20%73%74%75%66%66%20%68%65%72%65%2C%20%77%69%74%68%20%6E%6F%20%6C%69%6D%69%74%20
%69%6E%20%6C%65%6E%67%74%68%20%6F%72%20%63%68%61%72%73%2E%20%2A%2F