Properties are accessible in a sandboxed iframe
13
13
13
This vector attempts to see which properties are available on the parent window of a sandboxed iframe.
Created by: hackvertor
Created on: Friday, June 7, 2024 at 7:41:00 PM
Updated on: Friday, December 6, 2024 at 11:38:50 PM
Vector type: JS
Vector charset: UTF-8
Code used before fuzz:
const props = Object.getOwnPropertyNames(window);
for(const prop in document){
try{
props.push(prop);
} catch{}
}
props.forEach(prop => {
try {
if(typeof parent[prop] !== 'undefined') {
log(prop);
}
} catch{}
})
Template used:
1337
Your browser was detected as:
Detecting... Detecting... Detecting... Detecting...
Sample payloads
1337
Fuzz results
Chrome 125.0.0.0 desktop macOS 10.15.7
Updated
Fri Jun 07 2024
Found 13 results
Loading...
Firefox 126.0 desktop macOS 10.15
Updated
Fri Jun 07 2024
Found 13 results
Loading...
Safari 17.5 desktop macOS 10.15.7
Updated
Fri Jun 07 2024
Found 13 results
Loading...