Properties are accessible in a sandboxed iframe

Chrome logo 13
Firefox logo 13
Safari logo 13

This vector attempts to see which properties are available on the parent window of a sandboxed iframe.

Created by: hackvertor

Created on: Friday, June 7, 2024 at 7:41:00 PM

Updated on: Friday, December 6, 2024 at 11:38:50 PM

Vector type: JS

Vector charset: UTF-8

Code used before fuzz:
const props = Object.getOwnPropertyNames(window);
for(const prop in document){
  try{
       props.push(prop);
  } catch{}
}
props.forEach(prop => {
    try {
         if(typeof parent[prop] !== 'undefined') {
             log(prop);
          }
    } catch{}
})
Template used:
1337
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...

Sample payloads

1337

Fuzz results

Chrome logo
Chrome 125.0.0.0 desktop macOS 10.15.7

Updated

Fri Jun 07 2024
Found 13 results
Loading...
Firefox logo
Firefox 126.0 desktop macOS 10.15

Updated

Fri Jun 07 2024
Found 13 results
Loading...
Safari logo
Safari 17.5 desktop macOS 10.15.7

Updated

Fri Jun 07 2024
Found 13 results
Loading...