-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmalware-clipboard-hijack.html
More file actions
37 lines (37 loc) · 1.63 KB
/
malware-clipboard-hijack.html
File metadata and controls
37 lines (37 loc) · 1.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Clipboard Hijack</title>
<style>
body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; margin: 0; padding: 20px; background: #f5f5f7; color: #1d1d1f; }
.test-header { background: #fff4e6; border: 1px solid #ffa200; padding: 10px 14px; border-radius: 6px; margin-bottom: 20px; font-size: 13px; }
.test-header strong { color: #b75500; }
.test-container { background: white; padding: 24px; border-radius: 8px; box-shadow: 0 2px 8px rgba(0,0,0,0.06); }
a.back { display: inline-block; margin-bottom: 16px; color: #0066cc; text-decoration: none; font-size: 13px; }
a.back:hover { text-decoration: underline; }
</style>
</head>
<body>
<a href="index.html" class="back">← Back to test suite</a>
<div class="test-header">
<strong>🧪 Nehboro Test Page:</strong> Clipboard Hijack · Should trigger: <code>CLIPBOARD_HIJACK</code>
</div>
<div class="test-container">
<h2>This page will attempt to write to your clipboard</h2>
<p>Click the button below. Nehboro's runtime interceptor should flag this.</p>
<button id="copybtn">Copy command to clipboard</button>
<p id="status"></p>
<script>
document.getElementById('copybtn').addEventListener('click', async () => {
try {
await navigator.clipboard.writeText('powershell -w hidden -EncodedCommand ZQBjAGgAbwAgAFAAdwBuAGUAZAA=');
document.getElementById('status').textContent = 'Wrote fake PowerShell command to clipboard (harmless - just text)';
} catch(e) {
document.getElementById('status').textContent = 'Blocked: ' + e.message;
}
});
</script>
</div>
</body>
</html>