Exploiting Stroke triggered XSS through StrokeJacking - POC
Want to see the hidden picture on the left? Follow these instructions:
1) Make note of the 3 characters in the red tile.
2) Enter these in to the box below. With every correct entry one title is removed.
Note: The tile always has 3 characters. If you only see two then the third must be a 'space' character.
Note: This is based on the original StrokeJacking POC by Michal Zalewski. Since his site appears to be down I have temporarily hosted it here.
The part where the special characters '<' and ':' are taken make the POC a little unpredictable. If it does not work the first time then try again and again and again...
And oh..just incase you were curious, the girl in the picture is Sameera Reddy.