- Payload deliver is injected into the page through basic DOM manipulation without refresh.
- DOM elements are capable of being deleted upon payload execution making them invisible on the live site.
- User is redirected upon payload execution making investigation annoying.
- Download the code.
- Replace HTML contents within index.php.
- Add a reference to the get_payload function variable at the end of the page load.