0x00 _blank
<script>
if(window.opener){
window.opener.location =
}
</script>
0x01 简单模板
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<a target="_blank"
</body>
</html>
<html>
<head>
<title>test</title>
<script>
if(window.opener){
window.opener.location =
}
</script>
</head>
<body>
<p>hello</p>
</body>
</html>
- 1.php同级下有个钓鱼模板fish.html,内容如下:
<html>
<head>
<title>fish</title>
</head>
<body>
<h2>This is fishing template!</h2>
</body>
</html>
- 点击a.html中的HELLO则会出现下面的情况,也就导致了钓鱼:
blank.gif